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File 9:Business & Industry(R) Jul/1994-2005/ Jul 21 

(c) 2005 The Gale Group 
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File 476: Financial Times Fulltext 1982-2005/ Jul 22 
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File 610: Business Wire 1999-2005/ Jul 21 

(c) 2005 Business Wire. 
File 613: PR Newswire 1 999-2005/ Jul 22 

(c) 2005 PR Newswire Association Inc 
File 624 : McGraw-Hill Publications 1985-2005/ Jul 22 

(c) 2005 McGraw-Hill Co. Inc 
File 634: San Jose Mercury Jun 1985-2005/ Jul 21 

(c) 2005 San Jose Mercury News 
File 810:Business Wire 1986-1999/Feb 28 

(c) 1999 Business Wire 
File 813: PR Newswire 1 987-1999/Apr 30 

(c) 1999 PR Newswire Association Inc 
File 88:Gale Group Business A.R.T.S. 197 6-2005/ Jul 21 

(c) 2005 The Gale Group 
File 647: CMP Computer Fulltext 1988-2005/ Jul Wl 

(c) 2005 CMP Media, LLC 
File 674: Computer News Fulltext 1989-2005/ Jul W3 

(c) 2005 IDG Communications 
File 696: DIALOG Telecom. Newsletters 1 995-2005/ Jul 21 

(c) 2005 The Dialog Corp. 
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Set Items Description 

51 48731 DIGITAL () RIGHT? ? OR DRM OR DIGITAL () RIGHT? () MANAGEMENT 

52 7134200 COPYRIGHT? OR INTELLECTUAL () PROPERT??? 

53 17734 (SI OR S2) <5N) (CRYPT? OR ENCIPH? OR ENCYPH? OR DECRYPT? OR 

CODE OR CODES OR CODING? OR CIPHER? OR CYPHER? OR ENCRYPT? OR 
ENCOD?) 

54 3 (SI OR S2) (5N) (RE () ENCRYPT? OR REENCRYPT?) 

55 83280 (TRANSFER? OR DISTRIBUT? OR DOWNLOAD? OR UPLOAD? OR PLAYBA 

CK OR PLAY () BACK OR (UP OR DOWN) ( ) LOAD? ) (5N) (CRYPT? OR ENCIPH 
OR ENCYPH? OR DECRYPT? OR CODE OR CODES OR CODING? OR CIPHER 
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OR CYPHER? OR ENCRYPT? OR ENCOD?) 

56 318422 (MULTI OR MULTIPLE OR MANY OR SEVERAL OR PLURAL? OR NUMERO- 

US) ( 5N) KEY? ? 

57 98134 (FIRST OR PRIMARY OR SECOND? )( 3N) KEY? ? 

58 3311 SECRET () KEY? ? 

59 411 AU=(SAITO, M? OR SAITO M?) 

510 99518 S3 OR S4 OR S5 

511 307 S10(S) (S6 OR S7) 

512 9 S11(S)S8 

513 1 S12 NOT PY>1994 

514 18 Sll NOT PY>1994 

515 17 S14 NOT S13 

516 17 S15 NOT PY>1994 

517 15 RD (unique items) 

518 0 S9 (S) (S3 OR S4) 
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13/3, K/l (Item 1 from file: 15) 

DIALOG (R) File 15 : ABI/Inf orm(R) 

(c) 2005 ProQuest Inf o&Learning . All rts. reserv. 
00759575 94-08967 

A public key extension to the Common Cryptographic Architecture 

Le, An V; Matyas, Stephen M; Johnson, Donald B; Wilkins, John D 
IBM Systems Journal v32n3 PP: 461-485 1993 
ISSN: 0018-8670 JRNL CODE: ISY 
WORD COUNT: 16326 

...TEXT: cannot be accomplished without involving the KDC each time an 
initial key is to be distributed . 

With public key cryptography , electronic distribution of initial keys 
is more feasible and economical using a simple, widely known protocol. When 

...been proposed for certifying and registering public keys, and for 
improving the integrity of the key distribution process .( 17 , 20 ) Many 
of these methods require the involvement of trusted certification centers 
or authentication seers whose roles are similar to those of key 
distribution centers in secret - key -based key distribution. Even with 
that requirement, public-key-based key distribution is still considered 
more advantageous than secret - key -based key distribution .( 17 , 18 , 21 ) The 
advantages are these. First , with public- key -based key distribution, 
the certification center or the authentication server can be off line and 
key distribution is still possible. In contrast, with secret - key -based 
key distribution, on-line access to a key distribution center is usually 
needed each time the communicating parties establish an initial keying 
relationship. Second , in public- key -based key distribution, the degree 
of trust placed on the central authority (e.g., a... 

...center) is generally less than the degree of trust placed on the central 
authority in secret - key -based key distribution. This is because with 
distributed public keys, one needs to be concerned only with their 
integrity, whereas with distributed secret keys (i.e., DEA keys), one 
is concerned with both the secrecy and the integrity of... 
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17/3, K/l (Item 1 from file: 16) 

DIALOG (R) File 16:Gale Group PROMT (R) 

(c) 2005 The Gale Group. All rts. reserv. 

02799487 Supplier Number: 43759153 (USE FORMAT 7 FOR FULLTEXT) 
The industry goes 'back to school 1 
National Home Center News, vO, nO, p23 
April 5, 1993 

Language: English Record Type: Fulltext 
Document Type: Magazine/ Journal ; Trade 
Word Count: 1112 

... being sponsored by a leading home center chain, which 'he also 

declined to reveal, and several key manufacturers, distributors and 
bar- code scanning equipment vendors in the wood products industry. 
To gather information about bar coding, Vlosky. . . ^ 



17/3, K/2 (Item 1 from file: 148) 

DIALOG (R) File 14 8: Gale Group Trade & Industry DB 
(c)-2005 The Gale Group. All rts. reserv. 

07576164 SUPPLIER NUMBER: 16270847 (USE FORMAT 7 OR 9 FOR FULL TEXT) 

CyberSource sells software on Internet. (CyberSource Corp*s software.net 
service) 

Rodriguez, Karen 
InfoWorld, vl6, n47, p53(l) 
Nov 21, 1994 



ISSN: 0199-6649 



LANGUAGE: ENGLISH 



RECORD TYPE: FULLTEXT; ABSTRACT 



WORD COUNT: 



442 



LINE COUNT: 



00037 



... customer's PC. For security, encryption is used in transmitting 

programs over the Internet; customers first download the password key 
to decrypt , then the software. 

Users can preview software programs by downloading product 
demonstrations. The service also... 



17/3, K/3 (Item 1 from file: 160) 

DIALOG (R) File 160:Gale Group PROMT (R) 

(c) 1999 The Gale Group. All rts. reserv. 

01619204 

WESTERN DIGITAL'S NEW LOW-COST, LOW- POWER DATA ENCRYPTION DEVICE THOROUGHLY 
SECURES DATA. 

NEWS RELEASE April 20, 1987 p. 11 

... It will be used in any applications that require on- line, 
end-to-end data encryption / decryption such as electronic funds 
transfers , secure brokerage transactions and automatic teller data 
transfers. The WD20C03 has two modes of operation... 

... decrypt the data. In Cipher Block Chaining mode, the WD20C03 uses the 
same 56-bit key but adds a second variable called an initial vector. 
Both key and user-assigned initial vector are used to... 



17/3, K/4 (Item 1 from file: 275) 

DIALOG (R) File 275: Gale Group Computer DB(TM) 
(c) 2005 The Gale Group. All rts. reserv. 
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01264428 SUPPLIER NUMBER: 07782550 

XDOS runs on Unix machines, (product announcement) 

Danca, Richard A. 

Federal Computer Week, v3, n34, p38(2) 
August 21, 1989 

DOCUMENT TYPE: product announcement ISSN: 08 93-052X LANGUAGE: 

" ENGLISH RECORD TYPE: ABSTRACT 

...ABSTRACT: a computer-aided software engineering tool called the 
analyzer to create a key disk that uploads the DOS binary code into a 
Unix machine then runs XDOS' converter. Hunter has created key disks for 
many popular programs and workstations. The company will license the 
analyzer. 



17/3, K/5 (Item 2 from file: 275) 

DIALOG (R) File 275: Gale Group Computer DB(TM) 
(c) 2005 The Gale Group. All rts. reserv. 

01213402 SUPPLIER NUMBER: 04683846 (USE FORMAT 7 OR 9 FOR FULL TEXT) 

Tl encryption plan protects data, (connectivity section) 

Kopeck, Ron 

PC Week, v4, n9, pC9(2) 
March 3, 1987 

ISSN: 0740-1604 LANGUAGE: ENGLISH RECORD TYPE: FULLTEXT; ABSTRACT 

WORD COUNT: 14 98 LINE COUNT: 00124 

... the same key at exactly the same time. 

The DOD does not permit contractors to download encryptor / 
decryptor keys; units must be loaded with keys directly. Said Kirby 
Dickson, telecommunications security manager for have many individuals 
know the keys or how the keys are changed. 

Also, Hughes was concerned that incorrect key definitions between... 



17/3, K/6 (Item 1 from file: 636) 

DIALOG (R) File 636: Gale Group Newsletter DB(TM) 
(c) 2005 The Gale Group. All rts. reserv. 

01881357 Supplier Number: 43252676 (USE FORMAT 7 FOR FULLTEXT) 
Background on Mass-Market Encryption Software Issue 

Export Control News, v6, n8, pN/A 
August 27, 1992 

Language: English Record Type: Fulltext 
Document Type: Newsletter; Trade 
Word Count: 4 79 

nothing to restrict its availability abroad but instead diminishes 
the international competitiveness of US companies. 

Several key software manufacturers, such as Microsoft, worked 
through SPA to lobby Congress to include an amendment in H.R. 3489, a bill 
to reauthorize the EAA, that would mandate the transfer of mass-market 
encryption software to the jurisdiction of the Commerce Department. Before 
Congress adjourned, the bill was virtually. . . 

17/3, K/7 (Item 2 from file: 636) 

DIALOG (R) File 636: Gale Group Newsletter DB(TM) 
(c) 2005 The Gale Group. All rts. reserv. 
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01012165 Supplier Number: 40335552 (USE FORMAT 7 FOR FULLTEXT) 
Most companies fail software test 
Advanced Military Computing, v4 , n7, pN/A 
March 28, 1988 

Language: English Record Type: Fulltext 
Document Type: Newsletter; Trade 
Word Count : 84 9 

... an aside. He noted the management of the maturation of Ada 

compilers will be a key task for the Ada community. Many compilers have 
come under fire for being too slow and generating poor code . 
COPYRIGHT 1988 BY PASHA PUBLICATIONS INC. 



17/3, K/8 (Item 1 from file: 15) 

DIALOG (R) File 15 : ABI/Inf orm (R) 

(c) 2005 ProQuest Inf o&Learning . All rts. reserv. 
00773318 94-22710 

Placement of cryptographic key distribution within OSI: Design alternatives 
and assessment 

Fumy, Walter; Leclerc, Matthias 

Computer Networks & ISDN Systems v26n2 PP: 217-225 Oct 1993 
ISSN: 0376-5075 JRNL CODE: CNI 

. . .ABSTRACT: key management is to provide procedures for handling 
cryptographic keying material to be used by cryptographic mechanisms. 
Even though many key distribution protocols have been designed, 
little attention has been devoted to the question of how those... 

17/3, K/9 (Item 2 from file: 15) 

DIALOG (R) File 15 : ABI/Inf orm ( R) 

(c) 2005 ProQuest Inf o&Learning . All rts. reserv. 
00609491 92-24594 

Retailers , Manufacturers Applaud Quick Response 

Hoffman, Thomas 

Computerworld v26nl5 PP: 15 Apr 13, 1992 
ISSN: 0010-4841 JRNL CODE: COW 
WORD COUNT: 503 

. . .TEXT: 500 million. 

MANY REWARDS 

Partnering companies have been able to maximize • Quick Response by using 
several key technologies, including electronic data interchange (EDI), 
electronic funds transfer , electronic payments and various bar- coding 
and scanning technologies. Retailers benefit from lower costs, reduced 
inventories, streamlined ordering and receiving processes... 

17/3, K/10 (Item 3 from file: 15) 

DIALOG (R) File 15 : ABI /Inf orm (R) 

(c) 2005 ProQuest Inf o&Learning . All rts. reserv. 

00527040 91-01384 
"Do-It-Yourself " Cryptography 
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Carroll, John M. 

Computers & Security v9n7 PP: 613-619 Nov 1990 
ISSN: 0167-4048 JRNL CODE: CSC 

...ABSTRACT: CRYPTO-LEGGO (CLEG), a stream cipher, may be an inexpensive 
alternative to using the Data Encryption Standard (DES), chips 
distributed under the Commercial Communications Security Endorsement 
Program, or products from vendors with close ties to. . . 

...by adding or removing program modules without altering their essential 
formats. The ciphers use so many keys that each implementation is a 
distinct cipher system. Tests suggest that either cipher can provide... 

17/3, K/ll (Item 4 from file: 15) 

DIALOG (R) File 15 : ABI/Inf orm (R) 

(c) 2005 ProQuest Inf o&Learning . All rts. reserv. 
00412879 88-29712 

Small Switches with Big Features Face Full Market 

Hunter, John 

Network World v5n29 PP: 1, 41-43, 51-52 Jul 18, 1988 
ISSN: 0887-7661 JRNL CODE: NWW 

...ABSTRACT: digital network (ISDN). Pricing wars are expected to shake 
out weaker competitors. Hybrid switches combine many features of key 
systems with the advanced functionality of PBXs and are appealing as a 
low-cost solution. . . 

...will be offering networking PBXs. Meanwhile, many vendors have 
responded to user needs with account . coding and fairly powerful automatic 
call distribution . Observers note that PBXs have become commodity- like , 
and prices are expected to fall soon. 



17/3, K/12 (Item 1 from file: 810) 

DIALOG (R) File 810 eBusiness Wire 

(c) 1999 Business Wire . All rts. reserv. 

0001022 BW170 

OAK INDUSTRIES: Closes $23,000,000 sale of Sigma Units to Maclean Hunter 

January 15, 1986 
Byline: Business Editors 

. . . date, 

Sigma provies to be extremely reliable and provides superior signal 
security. 

Sigma employs audio encryption utilizing a multi -level key- 
distribution technique and encrypts video decoding commands . The 
advanced technology of the Sigma product line from Oak is far... 

17/3, K/13 (Item 1 from file: 88) 

DIALOG (R) File 88: Gale Group Business A.R.T.S. 
(c)' 2005 The Gale Group. All rts. reserv. 

03377816 SUPPLIER NUMBER : 16504690 
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Trust in the new information age. 

Maher, David P. 

AT & T Technical Journal, v73, n5, p9(8) 
Sept-Oct, 1994 

ISSN: 8756-2324 LANGUAGE: English RECORD TYPE: Abstract 

. . . ABSTRACT : must guarantee authenticity of identity, confidentiality, 
integrity, validity of remittances and service availability. Digital 
signatures, encryption systems and certificate-based key distribution 
systems can solve many of these problems. 



17/3, K/14 (Item 2 from file: 88) 

DIALOG (R) File 88: Gale Group Business A.R.T.S. 
(c) 2005 The Gale Group. All rts. reserv. 

01505682 SUPPLIER NUMBER: 03054247 

Another promising code falls; a code that looked too good to be true has a 
fatal weakness and now can be broken in a few seconds. 

Kolata, Gina 

Science, v222, pl224(l) 

Dec 16, 1983 

CODE.N: SCIEAS ISSN: 0036-8075 LANGUAGE: English 

RECORD TYPE: Fulltext 

WORD COUNT: 851 LINE COUNT: 00081 

... the discrete exponentials code unsatisfactory for practical use. At 

Mitre, computer scientists were using the code to distribute encoding 
keys for a more traditional cryptographic system, the DES, that was used to 
scramble messages. . . 

...the discrete exponentials code is 127 bits and it takes, says Schanning, 
less than 10 seconds to exchange DES keys with it. "If we had to go to 
241 bits, it would take minutes and... 



17/3, K/15 (Item 1 from file: 484) 

DIALOG (R) File 4 84 : Periodical Abs Plustext 
(c) 2005 ProQuest. All rts. reserv. 

00919792 

Schrodinger 1 s Catf lap 

Stewart, Ian 

Nature (GNAA) , v353 n6343, p384-385, p. 2 
Oct 3, 1991 

ISSN: 0028-0836 JOURNAL CODE: GNAA 

DOCUMENT TYPE: News 

LANGUAGE: English RECORD TYPE: Abstract 

LENGTH: Long (31+ col inches) 

ABSTRACT: Quantum cryptography, an emerging science, shows how quantum 
theory can be used to guarantee secure distribution of a cryptographic 
key . Several recent developments in the field are discussed. 
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File 256:TecInfoSource 82-2005/Jun 

(c) 2005 Info. Sources Inc 
File 2:INSPEC 1969-2005/Jul W2 

(c) 2005 Institution of Electrical Engineers 
File 35: Dissertation' Abs Online 18 61-2005/ Jun 

(c) 2005 ProQuest Inf o&Learning 
File 65: Inside Conferences 1993-2005/ Jul W3 

(c) 2005 BLDSC all rts.reserv. 
File 99: Wilson Appl . Sci & Tech Abs 1983-2005/ Jun 

(c) 2005 The HW Wilson Co. 
File 583:Gale Group Globalbase (TM) 198 6-2002/Dec 13 

(c) 2002 The Gale Group 
File 474:New York Times Abs 1969-2005/Jul 21 

(c) 2005 The New York Times 
File 475: Wall Street Journal Abs 1973-2005/ Jul 21 

(c) 2005 The New York Times 
File 8:Ei Compendex (R) 1970-2005/ Jul W2 

(c) 2005 Elsevier Eng. Info. Inc. 
File 94 : JICST-EPlus 1985-2005/May W5 

(c)2005 Japan Science and Tech Corp(JST) 
File 6:NTIS 1964-2005/ Jul W2 

(c) 2005 NTIS, Intl Cpyrght All Rights Res 
File 434 : SciSearch <R) Cited Ref Sci 1974-198 9/Dec 

(c) 1998 Inst for Sci Info 
File 34: SciSearch (R) Cited Ref Sci 1990-2005/ Jul W3 

(c) 2005 Inst for Sci Info 



Set Items Description 

51 2897 DIGITAL {) RIGHT? ? OR DRM OR DIGITAL () RIGHT? () MANAGEMENT 

52 336777 COPYRIGHT? OR INTELLECTUAL () PROPERT??? 

53 1466 (SI OR S2) (5N) (CRYPT? OR ENCIPH? OR ENCYPH? OR DECRYPT? OR 

CODE OR CODES OR CODING? OR CIPHER? OR CYPHER? OR ENCRYPT? OR 
ENCOD?) 

54 "0 (SI OR S2) (5N) (RE () ENCRYPT? OR REENCRYPT?) 

55 29108 (TRANSFER? OR DISTRIBUT? OR DOWNLOAD? OR UPLOAD? OR PLAYBA 

CK OR PLAY () BACK OR (UP OR DOWN) ( ) LOAD? ) (5N) (CRYPT? OR ENCIPH 
OR ENCYPH? OR DECRYPT? OR CODE OR CODES OR CODING? OR CIPHER 
OR CYPHER? OR ENCRYPT? OR ENCOD?) 

56 2204 4 (MULTI OR MULTIPLE OR MANY OR SEVERAL OR PLURAL? OR NUMERO 

US) (5N) KEY? ? 

57 6482 (FIRST OR PRIMARY OR SECOND? ){ 3N) KEY? ? 

58 3069 SECRET () KEY? ? 

59 20758 AU=(SAITO, M? OR SAITO M?) 

510 30504 S3 OR S5 

511 172 S10 AND (S6 OR S7) 

512 29 Sll AND S8 

513 4 S12 NOT PY>1994 

514 0 S9 AND S3 



Sylvia Keys 



22-Jul-05 02:22 PM 



13/5/1 (Item 1 from file: 8) 

DIALOG (R) File 8 : Ei Compendex (R) 

(c) 2005 Elsevier Eng. Info. Inc. All rts. reserv. 

03847799 E.I. No: EIP94041266443 

Title: Bulk encryption algorithm for use with RSA 

Author: Sewell, R.F. 

Source: Electronics Letters v 29 n 25 Dec 9 1993. p 2183-2185 

Publication Year: 1993 

CODEN: ELLEAK ISSN: 0013-5194 

Language: English 

Document Type: JA; (Journal Article) Treatment: T; (Theoretical) 
Journal Announcement: 94 06W2 

Abstract: The public key cryptosystem known as RSA is widely presumed to 
be secure but in software implementations is slow and even in hardware 
implementations encryption with a general 512 bit exponent runs only at 
tens of kilobits per second. Due to this, use of a second , fast, secret 

key , cryptosystem such as DES as the bulk encryption method is common 
while the session key for the system is transferred using RSA. Use of two 

encryption systems increases the security risk as breaking either RSA or 
DES is sufficient to obtain the knowledge of the plaintext thus it is 
desirable to use a fast secret - key bulk encryption algorithm whose 
security can be demonstrably related to that of RSA. This paper presents 
discussions about a proposed system designated as QS to achieving this 
goal. 24 Refs. 

Descriptors: ^Cryptography; Information theory; Security of data; 
Computer software; Algorithms; Computer hardware; Encoding (symbols); 
Data transfer ; Data communication systems 

Identifiers: Bulk encryption algorithm; Cryptosystem; Secret key ; 
Cryptanalytic activity; Hardware encryption; Quisquater and Couvreur method 
; Session key 

Classification Codes:, 

716.1 (Information & Communication Theory); 723.2 (Data Processing); 
723.1 (Computer Programming); 722.3 (Data Communication, Equipment & 
Techniques) 

716 (Radar, Radio & TV Electronic Equipment); 723 (Computer Software); 
722 (Computer Hardware) 

71 (ELECTRONICS & COMMUNICATIONS); 72 (COMPUTERS & DATA PROCESSING) 



13/5/2 (Item 2 from file: 8) 

DIALOG (R) File 8 : Ei Compendex (R) 

(c) 2005 Elsevier Eng. Info. Inc. All rts. reserv. 

03664126 E.I. No: EIP93050804067 

Title: On the design of conference key distribution systems for the 
broadcasting networks 

Author: Lain, Chi-Sung; Yen, Sung-Ming 

Corporate Source: Nat Cheng Kung Univ, Tainan, Taiwan 

Conference Title: Proceedings of the 12th Annual Joint Conference of the 
IEEE Computer and Communications Societies - IEEE INFOCOM '93 

Conference Location: San Francisco, CA, USA Conference Date: 
19930330-19930401 

E.I. Conference No.: 18536 

Source: Proceedings - IEEE INFOCOM v 3 1993. Publ by IEEE, IEEE Service 
Center, Piscataway, NJ, USA. p 1406-1413 
Publication Year: 1993 

CODEN: PINFEZ ISSN: 0743-166X ISBN: 0-8186-3580-0 
Language: English 

Document Type: CA; (Conference Article) Treatment: T; (Theoretical); A; 
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(Applications) 

Journal Announcement: 9308W4 

Abstract: There are two important parts in the design of modern 
cryptographic systems. The first part is the design of cryptosystems . The 
other is the design of key distribution systems. The former constitutes the 
main portion of data protection operation while the latter dominates the 
soul of the cryptosystem, i.e., the encryption and decryption keys. In this 
paper, we propose a design methodology of conference - key distribution 
system based on the threshold scheme for the broadcasting networks. We show 
that if a conference chairman can share a secret 'key with each of the 
other conference participants then any threshold scheme can be used to 
construct a conference - key distribution system (CKDS) . Since there 
already exist many ID - based key distribution systems for two users to 
share a common secret key , we can therefore easily construct the ID - 
based CKDS for the broadcasting networks. (Author abstract) 17 Refs. 
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Descriptors: ^Cryptography; Broadcasting; Security of data; Information 
theory 

Identifiers: Key distribution systems; Broadcasting networks; Data 
protection; Encryption keys; Decryption keys 
Classification Codes: 

723.5 (Computer Applications); 716.1 (Information & Communication 
Theory) 

723 (Computer Software); 716 (Radar, Radio & TV Electronic Equipment) 
72 (COMPUTERS & DATA PROCESSING); 71 (ELECTRONICS & COMMUNICATIONS) 

13/5/3 (Item 3 from file: 8) 

DIALOG (R) File 8:Ei Compendex(R) 

(c) 2005 Elsevier Eng. Info. Inc. All rts. reserv. 

02837394 E.I. Monthly No: EIM8 912-04 8 64 1 

Title: Authenticated group key distribution scheme for a large 
distributed network. 

Author: Harn, Lein; Kiesler, Thomas 

Corporate Source: Univ of Missouri, Kansas City, MO, USA 

Conference Title: Proceedings: 1989 IEEE Symposium on Security and 
Privacy 

Conference Location: Oakland, CA, USA Conference Date: 19890501 
Sponsor: IEEE, Technical Committee on Security and Privacy, New York, NY, 
USA; Int Assoc for Cryptologic Research 
E.I. Conference No.: 12565 

Source: Proceedings of the Symposium on Security and Privacy May 1989. 
Publ by IEEE, IEEE Service Center, Piscataway, NJ, USA. Available from IEEE 
Service Cent (cat n 89CH2703-7), Piscataway, NJ, USA. p 300-309 

Publication Year: 1989 

CODEN: PSSPEO 

Language: English 

Document Type: PA; (Conference Paper) Treatment: G; (General Review); T 
; (Theoretical) 

Journal Announcement: 8 912 

Abstract: The authors propose a decentralized key distribution scheme. In 
this scheme, there are as many local key centers as needed and each 
user needs to select a key center at which to register when first joining 
the network. The most significant feature of the method is that each center 
needs only a single secret key . All personal keys that it needs for 
delivering encrypted keys to groups of users can be derived from this 
single key through a one-way function. 14 Refs. 

Descriptors: *DATA PROCESSING— ^Security of Data; COMPUTER SYSTEMS, 
DIGITAL — Distributed; MATHEMATICAL MODELS; COMPUTER NETWORKS 

Identifiers: AUTHENTICATION; DECENTRALIZED KEY DISTRIBUTION ; ENCRYPTED 
KEYS 

Classification Codes: 

723 (Computer Software) 

72 (COMPUTERS & DATA PROCESSING) 



13/5/4 (Item 4 from file: 8) 

DIALOG (R) File 8 : Ei Compendex(R) 

(c) 2005 Elsevier Eng. Info. Inc. All rts. reserv. 

01848562 E.I. Monthly No: EIM8501-002831 

Title: DOES PUBLIC KEY CRYPTOGRAPHY PROVIDE ADEQUATE COMMUNICATION 
SECURITY? 

Author: Desmedt, Y . ; Vandewalle, J.; Govaerts, R. 

•Corporate Source: Catholic Univ of Louvain, ESAT Lab, Heverlee, Belg 
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Conference Title: Conference Proceedings - Electronics for National 
Security. 

Conference Location: Brussels, Belg Conference Date: 19830927 
Sponsor: Cahners Exposition Group, Des Plaines, IL, USA; Cahners 
Exposition Group S. A. , Guildford, Engl 
E.I. Conference No.: 05642 

Source: Publ by Interavia Publ Group, Geneva, Switz p 52-59 
Publication Year: 1983 
Language: English 

Document Type: PA; (Conference Paper) 
Journal Announcement: 8501 

Abstract: One of the major problems in data communication systems 
protected by classical cryptography is the distribution of the secret 
keys between all senders and receivers. Such a distribution becomes even 
■impractical in large, especially international networks. The public key 
algorithm is considered that should solve the problem of key distribution 
and at the same time provide electronic signatures for documents such as 
contracts. The idea of public key and its conditions are explained. 
Several criticisms on the practical aspects are discussed such as: 
transmission speed, loosing keys, security. 45 refs. 
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ABSTRACT 
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using a secret key and reconstitute the work data contents based on a 
decoded work scenario... 
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center 8 and requests a second secret key for decoding the ciphered 
source data contents component. The copyright management center 8 
transfers the second secret key to the second user in the case that a 
first user is the appropriate user of the source data contents for which 
the second secret key is requested. Then, the second user decodes the 
ciphered scenario by using the secret key and reconstitutes the work 
data contents based on the decoded work scenario. 
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. . .Abstract (Equivalent) : method of cipher key distribution in a system 

formed by a key center having a cipher key to be distributed and 
a plurality of user terminals connected with the key center through a 
public network, the method comprising. . . 
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...SPECIFICATION they believe appropriate to their business requirements. 

VDE offers an architecture that avoids reflecting specific 
distribution biases, administrative and control perspectives, and 
content types. Instead, VDE provides a broad-spectrum, fundamentally... 
other information in order to, for example, reduce frequency of access by 
an SPU to secondary storage 652 and/or for other reasons. Dual ported 
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The third approach' is distinct from the first two in that it does not 
incorporate VDE functionality associated with metering/transaction 
management and. . . 



14/3, K/4 (Item 2 from file: 348) 

DIALOG (R) File 34 8: EUROPEAN PATENTS 

(c) 2005 European Patent Office. All rts. reserv. 

01888484 

Systems and methods for secure transaction management and electronic rights 
protection 

Sy steme und Verfahren zur gesicherten Transaktionsverwaltung und 

elektronischem Rechtsschutz 
Systemes et procedes de gestion de transactions securisees et de protection 

de droits electroniques 

PATENT ASSIGNEE: 

ELECTRONIC PUBLISHING RESOURCES, INC., (976840), 460 Oakmead Parkway, 
Sunnyvale, CA 94086-4708, (US), (Applicant designated States: all) 
INVENTOR: 

Ginter, Karl L., 10404 43rd Avenue, Beltsville, Maryland 20705, (US) 
Shear, Victor H . , 5203 Battery Lane, Bethesda, Maryland 20814, (US) 
Spahn, Francis J., 2410 Edwards Avenue, El Cerrito, California 94530, 
(US) 

Van Wie, David M. , 1780 East 25th Avenue, Eugene, OR 97403, (US) 
LEGAL REPRESENTATIVE: 
' Smith, Norman Ian et al (36041), fj CLEVELAND 40-43 Chancery Lane, 
London WC2A 1JQ, (GB) 
PATENT (CC, No, Kind, Date): EP 1526472 A2 050427 (Basic) 
APPLICATION (CC, No, Date) : EP 2004078254 960213; 
PRIORITY (CC, No, Date) : US 388107 950213 

DESIGNATED STATES: AT; BE; CH; DE; DK; ES; FR; GB; GR; IE; IT; LI; LU; MC; 

NL; PT; SE 
RELATED PARENT NUMBER (S ) - PN (AN): 



Sylvia Keys 



22-Jul-05 02:12 PM 



EP 861461 (EP 96922371) 
INTERNATIONAL PATENT CLASS: G06F-017/60 ; G06F-009/46 
ABSTRACT WORD COUNT: 151 
NOTE: 

Figure number on first page: 75 

LANGUAGE (Publication, Procedural, Application) : English; English; English 
FULLTEXT AVAILABILITY: 

Available Text Language Update Word Count 

CLAIMS A (English) 200517 355 

SPEC A (English) 200517 167222 

Total word count - document A 167577 
Total word count - document B 0 

Total word count - documents A + B 167577 

INTERNATIONAL PATENT CLASS: G06F-017/60 ... 

. . . G06F-009/46 

...SPECIFICATION most usage, audit, reporting, payment, and distribution 
control methods are themselves at least in part encrypted and are 
executed by the secure subsystem of a VDE installation. Thus, for 
example, billing ... 100 . 

Almost any sort of transaction you can think of can be supported by 
virtual distribution environment 100. A few of many examples of 
transactions that can be supported by virtual distribution environment 
100 include: 

C home... The subservice concept extends to supporting multiple 
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most usage, audit, reporting, payment, and distribution control methods 
are themselves at least in part encrypted and are executed by the 
secure subsystem of a VDE installation. Thus, for example, billing ... The 

subservice concept extends to supporting multiple processors, multiple 
SPEs 503, multiple HPEs 655, and multiple communications services. 

The preferred embodiment ROS 602 provides the following RPC based 
service providers/requestors... 
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. . .ABSTRACT Al 

A method for protecting the transfer and storage of data by 
encryption using a private key encrypted with a first key 
encrypting key , which is encrypted using a second key encrypting key. 
This latter key is encrypted using. . . 

...SPECIFICATION to be transferred is typically first encrypted by a 

symmetric encryption algorithm using a pseudorandom secret key . The 
secret key is then encrypted utilizing the public key of the intended 
recipient, and both the encrypted message and the encrypted secret key 
are transmitted to the intended recipient. When the message and secret 
key are delivered, the recipient uses the private key to decrypt the 
secret key , and then decrypts the message using the secret key . 

The larger an encryption key, e.g. 128 bits confronted to 56 bits, the 
greater. . . 

...of securing key distribution and storage, they suffer from several 
disadvantages inherent in storing the secret key (s) and data either 
on a centralized server database or on a device in the... 

. . . device . 

Firstly, it is possible that the storage devices may be probed to 
obtain the secret key (s) . This is particularly true in the case the 
key storage is kept on the... 

. . .manner that it can be shown that only the authorised user can access all 
the secret keys required for the processing of a particular message 
or data. 

Summary of the invention 
It . . . 



...yet another object of the present invention to provide a method and 
system for defeating secret key discovery attacks in a distributed 
key cryptography system. 

The foregoing objects are achieved by means... 
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...SPECIFICATION key encryption and public-key encryption. Symmetric- key 
encryption requires that each computer have a secret key . The secret 

key is used to encode and decode the information transmitted between 
the two computers. In order for symmetric-key encryption to work, the 
secret key must be provided to each of the two computers. If this is 
done over a non-secure transmission line, the security of the secret 
key may be compromised and someone may be able to intercept the secret 
key . 

Public-key encryption utilizes a combination of a private key and a 
public key. The . . . 

...utilize the random number generator to generate a pseudo-random session 
key, which is a secret key . If the second computing device generates 
the secret key , the second computing device transmits the secret 
key to the first computing device utilizing public-private- key 
cryptography . 

After the secret key is shared between the first computing device 
and second computing device, symmetric cryptography, using the secret 
key , is performed because the computational burden is lower on the 
system than with public key. . . 



Sylvia Keys 



22-Jul-05 02:12 PM 



...bits. In some cases, the public-private key cryptography is utilized 
only to share the secret key . In some systems, it may also be 
required that digital signatures are necessary during the... 

...transformation instruction to the global network 46. 

The first computing device 42 may receive the second computing device 
public key and the encrypted transformation instruction ( s ) and may 
transfer the second computing device public key and the encrypted 
transformation instruction ( s ) to an RSID 50. The RSID 50 may store... 

...output and placed in a temporary buffer. The transformed code may be 
encrypted utilizing the second computing device public key and the 
encrypted transformed code may be transferred from the RSID 50 to 
the first computing device 42. The first computing device 42... 
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encryption key; and 
encrypting the second. . . 
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tamperresistant processor which internally maintains a processor secret 
key . 

DESCRIPTION OF THE RELATED ART 

In recent years, due to the spread of computer networks... 

...a microprocessor and a reception device having a tamper resistant 

microprocessor which maintains a processor secret key inside and an 
external memory, the tamper resistant microprocessor being capable of 
obtaining a plurality of program keys by decrypting a plurality 
of distribution keys respectively corresponding to a plurality of 
programs by using the processor secret key , and executing the 
plurality of programs arranged in the external memory in a state of... a 
prescribed public key algorithm based on a public key that is 
corresponding to a secret key of the contents receiving and viewing 
program and maintained in advance by the contents transmission program, 
or by a secret key algorithm based on a secret key that is 
maintained in advance by the contents transmission program and shared 
with the contents... 

. . .method executed by a transmission device having a tamper resistant 
microprocessor which maintains a processor secret key inside and an 
external memory, and a reception device, the tamper resistant 
microprocessor being capable of obtaining a plurality of program keys 
by decrypting a plurality of distribution keys respectively 
corresponding to a plurality of programs by using the processor secret 

key , and executing the plurality of programs arranged in the external 
memory in a state of... 

...of programs by using respectively corresponding program keys, the 

contents distribution method comprising: storing a secret key that is 
set in correspondence to the contents transmission device, in a state of 
being. . . 

...a prescribed public key algorithm based on a public key that is 

corresponding to the secret key of the contents transmission program 
and maintained in advance by a contents receiving and viewing. . . 

...contents transmission program only when it is proved that the contents 
transmission program has the secret key at the authenticating step, 
by the contents receiving and viewing program. 
According to another aspect... 

...device and a reception device each having a tamper resistant 

microprocessor which maintains a processor secret key inside and an 
external memory, the tamper resistant microprocessor being capable of 
obtaining a plurality of program keys by decrypting a plurality 
of distribution keys respectively corresponding to a plurality of 
programs by using the processor secret key , and executing the 
plurality of programs arranged in the external memory in a state of... 

...a microprocessor and a reception device having a tamper resistant 

microprocessor which maintains a processor secret key inside and an 
external memory, the tamper resistant microprocessor being capable of 
obtaining a plurality of program keys by decrypting a plurality 
of distribution keys respectively corresponding to a plurality of 
programs by using the processor secret key , and executing the 
plurality of programs arranged in the external memory in a state of... 

...a prescribed public key algorithm based on a public key that is 

corresponding to a secret key of the contents receiving and viewing 
program and maintained in advance by the contents transmission program, 
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.SPECIFICATION codes and data by hardware. Its safety level depends on 
the safety level of the secret key embedded in the processor chip. 

However, in this type of tamper resistant processor, different unique 
...configured to decrypt the execution file received by the second 
receiving unit by using a secret key corresponding to the public key. 

According to another aspect of the present invention there is... 
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...configured to encrypt at least a part of the execution file by using a 
prescribed secret key , when the source file passes an examination by 
the examination unit; a public key receiving. . . 

...an examination by the examination unit; a second encryption unit 

configured to encrypt the prescribed secret key by using the public 
key received by the public key receiving unit, when the source... 

...configured to send the execution file encrypted by the first encryption 
unit and the prescribed secret key encrypted by the second encryption 
unit to the execution file receiving device, when the source... 

. . .distribution device; a second receiving unit configured to receive the 
execution file and the prescribed secret key sent from the encrypted 
program distribution device; and a first decryption unit configured to 
decrypt the prescribed secret key received by the second receiving 
unit by using a secret key corresponding to the public key; and a 
second decryption unit configured to decrypt the execution file received 
by the second receiving unit by using the prescribed secret key 
decrypted by the first decryption unit. 

According to another aspect of the present invention there... 

...configured to encrypt at least a part of the execution file by using a 
prescribed secret key , when the source file passes an examination by 
the examination unit; a public key receiving ... an examination by the 
examination unit; a second encryption unit configured to encrypt the 
prescribed secret key by using the public key received by the public 
key receiving unit, when the source... 

...configured to send the execution file encrypted by the first encryption 
unit and the prescribed secret key encrypted by the second encryption 
unit to the execution file receiving device, when the source... 

...device; and (i) decrypting the execution file received by the step (h) 
by using a secret key corresponding to the public key at the 
execution file receiving device. 
According to another aspect... 

. ,.c); (e) encrypting at least a part of the execution file by using a 
prescribed secret key , at the encrypted program distribution device, 
when the source file passes an examination by the... 

...when the source file passes an examination by the step (c) ; (g) 

encrypting the prescribed secret key by using the public key received 
by the step (f), at the encrypted program distribution... 

...step (c); (h) sending the execution file encrypted by the step (e) and 
the prescribed secret key encrypted by the step (g) from the 
encrypted program distribution device to the execution file... 

...passes an examination by the step (c) ; (i) receiving the execution file 
and the prescribed secret key sent from the encrypted program 
distribution device at the execution file receiving device; (j) 
decrypting the prescribed secret key received by the step (i) by 
using a secret ■ key corresponding to the public key at the execution 
file receiving device; and (k) decrypting the execution file received by 
the step (i) by using the prescribed secret key decrypted by the step 
(j) at the execution file receiving device. 

According to another aspect... b); (d) encrypting at least a part of the 
execution file by using a prescribed secret key , when the source file 
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...SPECIFICATION transmission apparatus operable to encrypt original 

content that is the digital work, based on a distribution encryption 
key , to generate first encrypted information, and transmit the 
generated first encrypted information via a network; the reception 
apparatus operable ... content key, to generate encrypted content, (d) 
encrypt the original content key using the obtained distribution 
encryption key , to generate a first encrypted content key , and (d) 
transmit the first encrypted information that includes the generated 
encrypted content and the... 
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...condition information, the encryption unit may further encrypt the 

original usage condition key using the distribution encryption key , 
to generate a first encrypted usage condition key , and encrypts the 
usage condition information using the original usage condition key, to 
generate first... 

...the stated construction, use of the public key can be limited in 

accordance with the secret key being exposed, therefore content can 
be distributed even more safely. 

Here, the storage unit may... and the transmission apparatus encrypting 
original content that is a digital work, based on a distribution 
encryption key , to generate first encrypted information, and 
transmitting the generated first encrypted information via a network to 
the reception apparatus... 

...content key, to generate encrypted content, (d) encrypt the original 
content key using the obtained distribution encryption key , to 
generate a first encrypted content key , and (d) transmit the first' 
encrypted information that includes the generated encrypted content and 
the first encrypted content key; the obtaining sub-unit may obtain the 
obtained first encrypted information; the . decryption unit may 
decrypt the first encrypted content key using the distribution 
decryption key, to generate an intermediate content key, and generate 
intermediate information that includes the encrypted... 

...unique to the usage condition information, (b) encrypt the original 
usage condition key, using the distribution encryption key , to 
generate a first encrypted usage condition key , (c) encrypt the usage 
condition information using the original usage condition key, to generate 
first. . . 

...usage condition information via the reception apparatus, the decryption 
sub-unit may further decrypt the first encrypted usage condition key 

using the distribution key, to generate an intermediate usage 
condition key, and decrypt the first encrypted usage condition... 

...using a public key generation algorithm, based on a distribution 
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...using a public key generation algorithm, based on a distribution 

decryption key that is a secret key , and performs encryption 
according to a public key encryption algorithm using a distribution 
encryption key... the plurality of encryption methods. 

25. The recording medium apparatus of Claim 14, 

wherein the key storage sub-unit stores a plurality of 
distribution decryption key candidates, and one distribution 
decryption key candidate is selected from among the plurality of 
distribution decryption key candidates as the distribution 
decryption key, and 

the decryption sub-unit uses the selected distribution 
decryption key. 

26. The recording medium apparatus of Claim 14, 

wherein the tamper-proof module unit... 

...apparatus, the transmission apparatus encrypting original content that 

is the digital work, based on a distribution encryption key , to 
generate first encrypted information, and transmits the generated 
first encrypted information via the network to the reception 
apparatus ... 

...content key, to generate encrypted content, (d) encrypts the original 

content key using the obtained distribution encryption key , to 
generate a first encrypted content key , and (e) transmits the 
first encrypted information that includes the generated encrypted 
content and the... 

...advance the distribution decryption key and the medium unique key, (b) 
obtains the output first encrypted information, (c) decrypts the 
first encrypted content key using the distribution decryption 

key, to generate an intermediate content key, (d) encrypts the 
generated intermediate content key using. . . 

...unique to the usage condition information, (b) encrypts the original 

usage condition key using the distribution encryption key , to 
generate a first encrypted usage condition key , (c) encrypts the 
usage condition information using the original usage condition key, 
to generate first reception apparatus, 

the recording medium apparatus further (a) obtains via the network 
the first encrypted usage condition key and the first 
encrypted usage condition information, (b) decrypts the first 
encrypted usage condition key using the distribution decryption 

key, to generate an intermediate usage condition key, (c) decrypts 
the first encrypted usage condition... 
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communication, the second is the system for encrypting 
to-be-distributed contents data itself, and the third is... the license 
key for each memory card by providing the memory card, i.e., the secret 
key of the recording device. 

Memory card 110 further includes an interface 1424 exchanging a signal 
...output to the memory card, the content reproduction device or the like 
to which the secret key is leaked from the license administration 
module which receives the distribution. 

After step S250 or. . . 
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...INTERNATIONAL PATENT CLASS: G06F-017/60 

...SPECIFICATION is possible to charge for the use of information in a form 
of selling the encryption key. For the circulation and distribution 
of the encryption key , in many cases, the encryption key , itself, 
is digitized. In this case, similarly to information to be originally 
distributed and sold ... records included in the transfer history in order 
from the latest record by using a secret key SCA) ) of the management 
center CA, and checks the records. 
When a record which cannot... 
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. . .management center CA, the records included in the transfer history are 
decrypted by using a secret key SCA) ) of the management center CA and 
are checked in order from the latest record. . . 

. . .management center CA, the records included in the transfer history are 
decrypted by using a secret key SCA) ) of the management center CA and 
are checked in order from the latest record. . . 

...the public so as to be used by anybody. The decryption key is called the 
" secret key ", and is managed by a possessor so as not to leak to 
others. Accordingly, by... 

...can transmit a code that can be decrypted only by a receiver who 
possesses a secret key . 

When the public key is PK) ) , and the secret key is SK) ) , encryption 
of data M by using the public key PK) ) is represented by C - E(PK)), M) , 
and decryption of the code C by using the secret key SK) ) is 
represented by M = D(SK)), C) . An important property is that, by keeping 
the secret key SK) ) secret, if the public key Pk) ) or the code C is 
known, the original... 

...taken into consideration. When data M exists, the creator of M uses his 
or her secret key SK) ) to calculate the electronic signature SG(M) = 
D(Sk)), MM)), where h() represents... 

...falsified and the electronic signature SG(M) has been added by the owner 
of the secret key SK) ) . In other words, a message creator uses his or 
her secret key to encrypt a message, whereby a receiver of the 
encrypted message can decrypt the encrypted. . . 

...an ElGamal signature, and an elliptic ElGamal signature. To avoid 
confusion with electronic signatures, a secret key SK) ) for use in 
creating a signature is called a "signature creation key", and a... 

. . . challenge&response authentication can be realized. By using the public 
key PK) ) , possession of the secret key SK) ) can be confirmed without 
knowing the secret key itself. For example, a' verifying side 
generates a random number r, calculates the value r. . . 

. ..r") holds in the verifying side, it is confirmed that the other party 
possesses the secret key SK) ) . 

Similarly, in the electronic signature technique, by using the 
signature verification key PK) ) , it... 
...the signature creation key SK) ) . 

In the challenge&response authentication, the existence of a particular 
secret key or signature creation key can be confirmed by using a 
corresponding public key or signature verification key, without knowing 
the secret key or signature creation key itself. 

Certificate 

In order to authenticate. a particular other party (or... 

...it is important to have a correct understanding of a public key 
corresponding to a secret key possessed by the other party, or a 
signature verification key corresponding to a signature creation. . . 

...is absolutely reliable. The CA issues a certificate encrypted by using a 
CA's own secret key . In other words, the certificate cannot be freely 
forged by others because it bears an. . .by Infon) ) and Pn) ) . 

Certificate Verification 
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5. Content Recovering Apparatus 

The recovery of content in this embodiment... 

...such as a signature certificate (Infoj)), P j ) ) , SG j ) ) ) of the content 
issuing apparatus 30, a secret key Sj)) corresponding to a public key 
P j ) ) included in the certificate, the public key PCA. . . 

...recovering apparatus 50. 

The electronic signature generator 56 has a function of using its own 
secret key Sj)) to generate its own electronic signature. When data M 
exists, the electronic signature generator 56 uses its own secret key 
Sj)) to calculate the electronic signature SG(M) = D(Sj)), h(M)) of data 
M. . . 

...and that the electronic signature SG(M) has been added by the possessor 
of the secret key SK) ) (as described above) . 

The fraud detector 59 has a function of receiving from the... by data 
mn) ) , TSGn) ) is represented by D(Sn)), h(Mn)))) (where Sn) ) is a secret 
key of a content holding apparatus which performs content transfer for 
the n-th time) . 
Regarding. . . 

. ..SGn)) = D(SCA)), h(Infon)), Pn) ) ) ) , generated by the management center 
CA 70 using its secret key SCA) ) , is added to a set of information 
linking to the content transferring side, and. . . 

...apparatus, and nonce TNn) ) (as described above). 

Finally, the content transferring holding apparatus uses its secret 
key Sn) ) to generate electronic signature TSGn) ) for the entire transfer 
history including the new record. . . 

. . .management center CA 70 generates a pair of a public key crypto system 
public key and secret key . Here, the public key of the management 
center CA 70 is represented by PCA 1 )) and the secret key is 
represented by SCA) ) . The management center CA 70 opens only the public 
key PCA. . . 

...history is verified in step (2), the operation of decrypting each record 
by using the secret key SCA) ) of the management center CA 70 is 
added. The validity of each record is proven based on the ability to use 
the secret key SCA) ) to perform proper decryption and the validity of 
the electronic signature in the record. . . 

...CLAIMS predetermined management center, the records included in the 

transfer history are decrypted by using a secret key SCA) ) of the 
management center CA and are checked in order from the latest record 



. . .management center CA, the records included in the transfer history are 

decrypted by using a secret key SCA) ) of the management center CA 

and are checked in order from the latest record. . . 

. . .management center CA, the records included in the transfer history are 

decrypted by using a secret key SCA) ) of the management center CA 

and are checked in order from the latest record. . . 
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.SPECIFICATION particular user. The document encrypted using the public 
key can only be decrypted using a secret key corresponding to the 
encryption key used to encrypt that document. The secret key is held 
only by the user who issued the public key, and thus the document 
encrypted using the public key can be decrypted only by the user having 
the secret key . A representative example of the public key 
cryptography is that based on the RSA (Rivest ... above-described technique 
thereby allowing the common authentication key to be used as a secure 
secret key and thus allowing authentication to be performed according 
to the common key cryptography technique. That... 

.the device B. Herein, the key Kab is a key that is used as a secret 
key in common by the devices A and B and that is stored in a storage... 
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the device B decrypts the received data using the key Kab (authentication 
key) as the secret key used in common. More specifically, the 
decryption of the received data is performed as f ollows . . . that can be 
decrypted only by using a key acquired by processing the EKB and 
distributes the resultant encrypted key or content. 

First , various entities in the system are described briefly. 

Key distribution center (KDC) 

A key distribution ... produced by the key distribution center (KDC) and 
issues a public key corresponding to a secret key on which a 
signature is written, for use in verification of the signature. 

An EKB . . . 
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...SPECIFICATION particular user. The document encrypted using the public 
key can only be decrypted using a secret key corresponding to the 
encryption key used to encrypt that document. The secret key is held 
only by the user who issued the public key, and thus the document 
encrypted using the public key can be decrypted only by the user having 
the secret key . A representative example of the public key 
cryptography is that based on the RSA (Rivest ... above-described technique 
thereby allowing the common authentication key to be used as a secure 
secret key and thus allowing authentication to be performed according 
to the common key cryptography technique. That... 

...the device B. Herein, the key Kab is a key that is used as a secret 
key in common by the devices A and B and that is stored in a storage.. . 
the device B decrypts the received data using the key Kab (authentication 
key) as the secret key used in common. More specifically, the 
decryption of the received data is performed as f ollows . . . that can be 
decrypted only by using a key acquired by processing the EKB and 
distributes the resultant encrypted key or content. 

First , various entities in the system are described briefly. 

Key distribution center (KDC) 

A key distribution. . .produced by the key distribution center (KDC) and 
issues a public key corresponding to a secret key on which a 
signature is written, for use in verification of the signature. 

An EKB . . . 
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...SPECIFICATION particular user. The document encrypted using the public 
key can only be decrypted using a secret key corresponding to the 
encryption key used to encrypt that document. The secret key is held 
only by the user who issued the public key, and thus the document 
encrypted using the public key can be decrypted only by the user having 
the secret key . A representative example of the public key 
cryptography is that based on the RSA (Ri vest ... above-described technique 
thereby allowing the common authentication key to be used as a secure 
secret key and thus allowing authentication to be performed according 
to the common key cryptography technique. That... 

...the device B. Herein, the key Kab is a key that is used as a secret 
key in common by the devices A and B and that is stored in a storage. . . 
the device B decrypts the received data using the key Kab (authentication 
key) as the secret key used in common. More specifically, the 
decryption of the received data is performed as f ollows . . . that can be 
decrypted only by using a key acquired by processing the EKB and 
distributes the resultant encrypted key or content. 

First , various entities in the system are described briefly. 

Key distribution center (KDC) 

A key distribution. . .produced by the key distribution center (KDC) and 
issues a public key corresponding to a secret key on which a 
signature is written, for use in verification of the signature. 

An EKB . . . 
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...SPECIFICATION In this case, the above-described second step can 

distribute the content via the predetermined distribution path with 
attached authentication information encrypted using the encryption key 

issued in the first step, making it possible to appropriately prevent 
the authentication information from being falsified . 

The above... the time of encryption and decryption or a public key 
encryption method in which a secret key and a public key are formed 
in combination may be used. However^ in the following. . . 
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Method of using a mask programmed secret key to securely configure a 

field programmable gate array 
...INTERNATIONAL PATENT CLASS: G06F-012/14 

. . .ABSTRACT using the security key stored in the artwork of the field 

programmable gate array. The secret key consists of a number of bits 
of key information that are embedded within the photomasks... 

...SPECIFICATION using the security key stored in the artwork of the field 
programmable gate array. The secret key consists of a number of bits 
of key information that are embedded within the photomasks... 

...impossible to manufacture cloned products. FPGAs can be manufactured 
with one of two or more secret keys (e.g., key A and key B) embedded 
in the artwork of the design. After... 

...packages are marked identically. A customer who bought FPGAs has no way 
of telling which secret key was present on a particular chip. If the 
customer was a pirate who had a... 

...a problem: since the bitstream can only be decrypted by an FPGA with the 
matching secret key only 50% of the FPGAs that he bought would 
actually work with his copied bitstream. . . 

...is a method including fabricating a first group of FPGA integrated 

circuits with a first secret key embedded by way of a first mask set. 
The method includes fabricating a second group of FPGA integrated 
circuits with a second secret "key embedded by way of a second mask 
set. The first group of FPGA integrated circuit... 

. . .between the first group of FPGAs and second group of FPGAs is having a 
different secret key or security key. A first secure bitstream will 
configure properly user-configurable logic of the. . . 

...integrated circuits. 

In an embodiment, the first group of FPGA integrated circuits with the 
first secret key may be assigned to a first geographic area and the 
second group of FPGA integrated circuits with the second secret key 
may be assigned to a second geographic area. In another embodiment, the 
first group of FPGA integrated circuits with the first secret key are 
fabricated in a first time period and the second group of FPGA integrated 
circuits with the second secret key are fabricated in a second time 
period, different from the first time period. The first... 

...period. In a further embodiment, the first group of FPGA integrated 
circuits with the first secret key ( are assigned to a first customer 
and the second group of FPGA integrated circuits with the second secret 
key are assigned to a second customer. 
In an embodiment, only one mask differs between the... 

...the first and second group of FPGA integrated circuits in addition to 
the different embedded secret keys . 

The method further includes loading an unencrypted bitstream into one 
of the first group of FPGA integrated circuits to generate a secure 
bitstream using the first secret key . The first and second secret 
keys may be presented on wires of the respective group of FPGA 
integrated circuits for only a limited duration. The first secret key 
may be embedded by setting an initial state of a selection of memory 
cells in a device configuration memory of the FPGA integrated circuit. In 
an embodiment, the first secret key is extracted by using a CRC 
algorithm to compute a checksum of the initial state of the device 
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...memory of the programmable integrated circuit. 

14. The method of claim 1 wherein the first secret key is embedded by 
changes to a relatively large block of logic in the first plurality 

...using a CRC algorithm. 

15. The method of claim 13 further comprising: 

extracting the first secret key by using a CRC algorithm to 
compute a checksum of the initial state of the. . . 

. . . first plurality of programmable integrated circuits to generate a secure 
bitstream based on the first secret key and an on-chip generated 
random number. 

17. The method of claim 1 further comprising... 

. . . first plurality of programmable integrated circuits to generate a" secure 
bitstream based on the first secret key and an on-chip generated 
random number, wherein the secure bitstream includes a message 
authentication code. 

18. A method comprising: 

embedding a first secret key within the artwork of a programmable 
integrated circuit; 

storing a user-defined second secret key within ah encrypted 
programmable integrated circuit bitstream stored in an external 
nonvolatile memory accessible by the programmable integrated circuit; 

decrypting the user-defined second secret key using the first 

secret key ; and 
setting up a secure network link between the programmable integrated 

circuit and a server using the user-defined second secret key . 

19. The method of claim 18 further comprising: 

downloading a programmable integrated circuit bitstream -using the secure 
network link; 

encrypting the downloaded programmable integrated circuit bitstream 

using the first secret key ; and 
storing the encrypted downloaded bitstream in the external memory. 

20. The method of claim 18 wherein the secure network... 

...encrypted downloaded bitstream stored in the external memory. 
22. A method comprising: 
storing a first secret key on a programmable integrated circuit 
chip; 

causing the programmable integrated circuit to calculate a message... 
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...INTERNATIONAL PATENT CLASS: G06F-017/60 

...SPECIFICATION is distributed in the encrypted form, on the user side. 
First, the system requires a cryptosystem for distributing an 
encryption key in the communication. Second , the system requires a 
cryptosystem for encrypting the data itself to be distributed. Third, the 
...keys KPmc(n) and KPp(n), will be referred to as a "class" hereinafter. 

As secret keys common to the content reproducing circuit, the 
system employs a secret key Kcom, which is primarily utilized for 
obtaining license key Kc and restriction information for the... 

...later, as well as an authentication key KPma operated commonly in whole 
the distribution system. Secret key Kcom is a decryption key in the 
symmetric key cryptosystem, and therefore is held as the encryption key 
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with public encryption key KPm(l) unique to memory card 110 without being 
encrypted with secret key Kcom. Therefore, step S134 is eliminated. 
Subsequently to step S132, steps 136a - S148a are executed. . . 

...repeated. Since license key Kc and reproducing circuit restriction 

control AC2 are not encrypted with secret key Kcom, but are encrypted 
with public encryption key Km(l) unique to memory card 110... 

...for that license key Kc and reproducing circuit restriction information 
AC 2 are not encrypted with secret key Kcom in the third embodiment. 
Thus, the operations in the third embodiment are substantially the... 

...system according to the first embodiment, can be achieved although the 
system does not use secret key Kcom, which is symmetric to the 
content reproducing circuit (cellular phone) , for performing the 
encryption. . . 

...the distribution server and the cellular phone do not perform the 
encryption and decryption using secret key Kcom symmetric to the 
reproducing circuit. The reproducing device may be a device other than... 
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...INTERNATIONAL PATENT CLASS: G06F-012/14 ... 

. . . G06F-013/00 

...SPECIFICATION of a cellular phone user, a system is initially required 
to be a system for distributing an encryption key in a 
communication, secondly the exact system encrypting content data to be 
distributed, and thirdly a configuration implementing decryption ... a 
memory card externally communicates data, encryption keys Ksl-Ks4 are 
used to keep the secret . Keys Ksl-Ks4 are symmetric keys generated by 
server 30, cellular phone 100 or 102, memory. . . 

. . .number i represents a number provided to distinguish each memory card. 

Furthermore, as a common secret key in a system there exists a 
secret key Kcom in a symmetric-key cryptosystem used mainly to obtain 
license key Kc. Secret key Kcom is held in both of a distribution 
server and a cellular phone and used...Ksl and then transmitted on data 
bus BS1, and a Kcom hold unit 322 holding secret key Kcom shared by 
reproduction circuits. 

Data processing unit 310 further includes an encryption unit 324 using 
secret -key Kcom to encrypt license key Kc and reproduction circuit 
control information AC2 received from distribution. . . 



...bus BS2 for output. 

Cellular phone 100 further includes a Kcom hold unit' 1512 holding 
secret key Kcom set to be shared by reproduction circuits, a 
■ decryption unit 1514 using secret key Kcom to decrypt ( Kc//AC2 ) Kcom 
output from decryption unit 1510, and outputting license key... 324, which 
in turn encrypts license key Kc and reproduction circuit control 
information AC 2 with secret key Kcom shared by reproduction circuit 
and obtained from Kcom hold unit 322 (step S130) . 

Encrypted. .. 1 ) unique to memory card 110 and encrypted data 
(Kc//AC2) Kcom decryptable with common secret key Kcom is obtained on 
data bus BS4 (step S222) . 

Obtained encrypted data (Kc//AC2) Kcom. . . 
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. . . AC2 are accepted (step S226) . 

Decryption unit 1514 decrypts encrypted data (Kc//AC2 ) Kcom with secret 
key Kcom received from Kcom hold circuit 1512 and shared by 

reproduction circuits to accept license ... that of the first embodiment in 

that the former does not provide encryption decryptable with secret 

key Kcom shared by reproduction circuits. 

More specifically the data distribution system of the present 

embodiment . . . 

...server His different from license server 10 in that the former excludes 
unit 322 holding secret key Kcom shared by reproduction circuits, and 
encryption unit 324 using secret key Kcom. More specifically, in 
license server 11 license key Kc and reproduction circuit control 
information. . . 

...100 of the first embodiment in that the former excludes Kcom hold unit 
1512 holding ■ secret key Kcom shared by reproduction circuits and 
decryption unit 1514 using secret key Kcom. 

More specifically, in cellular phone 101, corresponding to the fact 
that distribution server 31 does not provide encryption using secret 
key Kcom, encryption unit 1510 using session key Ks4 to effect 
decryption directly provides license key. . . 

...card identical in configuration to the Fig. 6 memory card 110. 
Omitting the encryption using secret key Kcom shared by 
reproduction circuits results in a difference in operation in each of 
distribution. Kc and reproduction circuit control information AC 2 
obtained at step S128 are not encrypted with secret key Kcom and they 
are encrypted with public encryption key KPm(l) unique, to memory card... 

. ..Kc and AC 2 and thus used. Furthermore, step S228 is eliminated as the 
encryption using secret key Kcom is not applied to license key Kc or 
reproduction control information AC2 . 
The remaining. . . 

...those shown in Figs. 13 and 14 and thus will not be described. 

Thus , if secret key Kcom shared by reproduction circuits is not 
used, a data distribution system can be configured. . .More specifically, 
license key Kc and reproduction circuit control information AC2 that are 
encrypted with secret key Kcom in the form of (Kc//AC2) Kcom can be 
recorded in reproduction information hold. . . 

...CLAIMS second decryption unit (1412) receiving said reproduction 

information and access restriction information encrypted with said 
second symmetric key and said second public encryption key 
and distributed from said content provision device, for decryption 
with said second symmetric key, 
a third key ... content provision device (10) further includes 
a fifth key hold unit (322) holding a common secret key (Kcom) 

reproducible in said content reproduction unit, and 
a third license data encryption unit (324) encrypting said reproduction 
information (Kc//AC2, (Kc//AC2 ) Kcom) with said common secret key 
for output to said first license data encryption unit (326); and 
said content reproduction unit further has x 
a sixth key hold unit (1512) holding said common secret key , and 
a sixth decryption unit (1514) receiving an output of said fourth 

decryption unit (1510), decrypting said reproduction information with 
said common secret key held in said sixth key hold unit, and 
extracting said license key (Kc) for output ... provided to record said 
access restriction information (AC1) therein, said recording device 
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further comprising: 
a secret key hold unit (1421) holding a private decryption key 
(Km(i)) decrypting data encrypted with a... 
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...SPECIFICATION in the encrypted form, on the user side. First, the system 
requires a scheme for distributing an encryption key in the 
communication. Second , the system requires a scheme for encrypting the 
data itself to be distributed. Third, the... 

...later, as well as an authentication key KPma operated commonly in whole 
the distribution system. Secret key Kcom is a decryption key in the 
symmetric key cryptosystem, and therefore is held as... data (Kc//AC2 ) Kcom 
are recorded in memory 1415 after being re-encrypted with symmetric 
secret key K ( 1 ) . 

Further, the content data can be distributed only after confirming the 
validities of... holding portion 1451 employed in place of K(l) holding 
portion 1450 holds predetermined symmetric secret keys K(l)x (1 < 
x < N) , which are N in number and are... 
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...SPECIFICATION of a cellular phone user, a system is initially required 
to be a system for distributing an encryption key in a 
communication, secondly the exact system encrypting content data to 
be distributed , and thirdly a configuration implementing content data 
protection for preventing such distributed content data from... a memory 
card externally communicates data, encryption keys Ksl-Ks4 are used to 
keep the secret . Keys Ksl-Ks4 are symmetric keys generated by server 
30, cellular phone 100 or 102, memory. . . 

...number i represents a number provided to distinguish each memory card. 

Furthermore, as a common secret key in a system there exists a 
secret key Kcom in a symmetric-key cryptosystem used mainly to obtain 
license key Kc. Secret key Kcom is held in both of a distribution 
server and a cellular phone and used to encrypt license key Kc and 
decrypt and thus obtain the same, respectively. 

Note that secret key Kcom in the symmetric-key cryptosystem may be 
replaced by a set of public encryption. . . 

. . .data bus BS1. 

Data processing unit 310 further includes a Kcom hold unit 322 holding 
secret key Kcom shared by reproduction circuits, an encryption unit 
324 using secret key Kcom to encrypt license key Kc and reproduction 
circuit control information AC2 received from distribution. . .bus BS2 for 
output . 

Cellular phone 100 further includes a Kcom hold unit 1512 holding 
secret key Kcom set to be shared by reproduction circuits, a 
decryption unit 1514 using secret key Kcom to decrypt (Kc//AC2 ) Kcom 
output from decryption unit 1510, and outputting license key... 324, which 
in turn encrypts license key Kc and reproduction circuit control 
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for each said recording device, 
a fifth encryption unit (1452) using said secret key to encrypt data 
obtained from said third decryption unit (1422) decrypting an output 
of said. . . 

...decryption key (Km(i)), and 

a sixth decryption unit (1454) decrypting data encrypted with said 
secret key ; 

said first storage unit (1415) records therein data encrypted by said 

fifth encryption unit; 
said fifth encryption unit encrypts data of said class revocation list 

(CRL) with said secret key ; and 
said second storage unit (2415) is arranged external to a security area 

(TRM) unreadable. . . 

...provision device (10, 11) further includes 

a sixth key hold unit (322) holding a common secret key (Kcom) 
reproducible in said content reproduction unit (1550), and 

a third license data encryption unit (324) encrypting said first 

reproduction information with said common secret key for output 
to said first license data encryption* unit (326) ; and 

said content reproduction unit (1550) further has 

a seventh key hold unit (1512) holding said common secret key , and 
a seventh decryption unit (1514) receiving an output of said fourth 

decryption unit (1510), decrypting said first reproduction 

information with said common secret key held in said seventh key 

hold unit, and extracting said license key (Kc) for output... by said 

second encryption unit. 
37. The recording device of claim 33, further comprising: 
a secret key hold unit (1450) holding a secret key (K(i) ) 

different for each said recording device; 
a secret key encryption unit (14 52) using said secret key to 

effect encryption; and 
a secret key decryption unit (14 54) decrypting data encrypted with 

said secret key , wherein: 
said first storage unit (1415) and said second storage unit (2415) are 

arranged external... 
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...SPECIFICATION processing apparatus, the content key data and the usage 
control policy data stored in the distributed key file are decrypted 
, and the handling of the distributed content data is determined based 
on the related decrypted usage control policy data. 

Also, a ... apparatus, and the data processing apparatus by a management 
apparatus, wherein the management apparatus provides encrypted content 
key data and encrypted usage control policy data indicating the handling 
of the content data to... key file to the data processing apparatus and 
the data processing apparatus decrypts the content key data and the 
usage control policy data stored in the distributed key file and 
determines ... of a 30th aspect of the present invention is a data 
providing system having a plurality of data providing apparatuses, a 
data distribution apparatus, a plurality of management apparatuses, a 
database device, and a data processing apparatus, wherein ... invention is 
a data providing system having a plurality of data providing apparatuses, 
a data distribution apparatus, a plurality of management apparatuses, 
a database device, and a data processing apparatus, wherein the data 
providing. .. key file received from the management apparatus from the data 
providing apparatus to the data distribution apparatus, and 
distributing a second module storing the provided content file and the 
key file from the data distribution apparatus... 

... the distributed second module and determining the handling of the 
content data stored in the distributed second module based on the 
related decrypted usage control policy data. 

Also, a data providing method ... content files in the database device, 
the management apparatuses produce the key files storing the encrypted 
content key data and encrypted usage control policy data indicating 
the handling of the content data for the content data... of a 67th aspect 
of the present invention is a data providing system having a plurality 
of data providing apparatuses, a data distribution apparatus, a 
plurality of management apparatuses, a database device, and a data 
processing apparatus, wherein the data providing. . .management apparatus, 
a database device, and a data processing apparatus, wherein the data 
providing apparatus encrypts content data by using content key data, 
produces a content file storing the related encrypted content data, and 
stores the related. and certifies the legitimacy of the related public 
key data by attaching a signature by secret key .data of the EMD 
service center 102 to the certificate data of the public key... 

...content data C using the content key data Kc, and the signature data 
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.in claim 176, wherein 
said data distribution apparatus produces said signature data using its 

own secret key data and 
said data processing apparatus verifies the legitimacy of said signature 

data using public key data corresponding to said secret key 

data . 

180. A data providing system as set forth in claim 179, wherein 
said data . . . 
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...SPECIFICATION not illustrated) to encryption processing section 633 and 
also holds save key Ksave)) unique to encryption processing section 
633. 

And recording and reproducing apparatus 630 has encrypted contents 
and content key Kco) ) sent from first or second contents sending 
apparatus 600 or 610 received by sending and receiving section 631... 
network 5 via a user management section 18. In addition, a public key and 
a secret key of the electronic distribution center 1 as well as a 
public key and a secret key peculiar to equipment maintained by the 
user are all generated and managed, the public keys... and the handling 
policy to each of which the electronic signature is added using a secret 
key of the content provider 3 are hereinafter referred to as a content 
provider secure container... 

...a hash function based on data that is desired to be transmitted and 
using a secret key of a public key encryption. 

The hash function and the signature will be described. The.-. . 
...point on the elliptic curve, r is a digit of G, and Ks)) is a secret 
key (0<Ks))<r). In step S2, a random number u is generated by... 
data is not tampered, and is the data transmitted from the transmission 
apparatus holding the secret key corresponding to the public key. 
In step Sll, if the signature data c and d. . . 

...received data is tampered or is not data transmitted from the 

transmission apparatus holding the secret key corresponding to the 
public key. 

Further, although SHA-1 is used as the hash function... 

...a public key and the other key that should be kept secret is called a 
secret key . 

The elliptic curve encryption method that is representative of the 
public key encryption method will... 

...point on the elliptic curve, r is a digit of G, and Ks)) is a secret 
key (0<Ks))<r). In step S31, the encryption data uG is multiplied 
by the secret key Ks) ) . In step S32, the X coordinates of (X0)), 
Y0) ) ) among the encryption data is... 

. . .message, Yl) ) is cancelled. 

In this way, in the public key encryption method, with the secret 
key being Ks)) and the public keys being G, Ks))G, a key to be used... 
generation section 45, a signature with respect to the price information 
is generated using the secret key of the service provider 3 held in a 
tamper resistant memory (not shown) (as in... 

...content provider secure container and the price information with an 
electronic signature added using the secret key of he service 
provider 3 are hereinafter referred to as a service provider secure 
container ... ID, if necessary, or may be unnecessary because it is in the 
registration information) , a secret key different for each apparatus, 
the save key Ksave)), the public key of the electronic distribution... 
encryption method. In this case, a stored key is not the common key, but 
the secret key peculiar to the extension section 66.) 
The content key Kco)) that is encrypted by the... 

...certificate (the public key certificate of an apparatus) of the public 
key corresponding to the secret key for each apparatus in the storage 
module 92, the registration information, the content provider secure... 



Sylvia Keys 



22-Jul-05 02:13 PM 



. . .module in the encryption processing section 83, the individual ID for 
specifying an apparatus, the secret key that is different for each 
apparatus, the save key Ksave) ) , the public key of the... 

...charge information is stored as well.) The certificate of the public key 
corresponding to the secret key for each apparatus in the encryption 
processing section 83, the contents encrypted by the content... 

...storage medium exclusively for electronic distribution 120, the 

individual ID of the recording medium, the secret key different for 
each recording medium, the public key certificate corresponding to the 
secret key (which may be recorded in the external memory 123), the 
save key Ksave)) to be . . . and the handling policy and its signature. The 
signature is data generated by applying the secret key Kscp) ) of the 
content provider 2 to a hash value generated by applying the hash... 

...key Kd) ) , a handling policy and signatures. The signature is data 

generated by applying the secret key Kscp) ) of the content provider 2 
to a hash value generated by applying a hash... key Kl)), a handling 
policy and signatures. The signature is data generated by applying the 
secret key Kscp) ) of the content provider 2 to a hash value generated 
by applying a hash. . . 

...of the content provider 2, and signatures. The signature is data 
generated by applying the secret key Ksca) ) of the authentication 
station to a hash value generated by applying a hash function... 

...by the delivery key Kd) ) , and signatures. The signature is data 

generated by applying the secret key Ksca) ) of the authentication 
station to a hash value generated by applying a hash function. . . 

...by the delivery key Kd) ) , and signatures. The signature is data 

generated by applying the secret key Ksca)) of the authentication 
station to a hash value generated by applying a. hash function... 

...is comprised of price information and signatures. The signature is data 
generated by applying the secret key Kssp) ) of the service provider 3 
to a hash value generated by applying a hash. . . 

...provider secure container, price information and signatures. The 

signature is data generated by applying the secret key Kssp) ) of the 
service provider 3 to a hash value generated by applying a hash. . . 

...of the service provider 3, and signatures . The signature is data 
generated by applying the secret key Ksca) ) of the authentication 
station to a hash value generated by applying a hash f unction ... of the 
user apparatus, and the signatures. The signature is data generated by 
applying the secret key Ksca) ) of the authentication station to a 
hash value generated by applying a hash function. . .bits + 160 bits + 160 
bits = 448 bits), and generates signature data A.Sig with a secret key 

held by itself with respect to the data. Further, since scalar times of 
a base... and BV) ) (x coordinates and Y coordinates) , and generates 
signature data B.Sig with a secret key held by itself with respect to 
the data. Finally, the encryption processing section 65 transfers... 

14/3, K/28 (Item 26 from file: 348) 

DIALOG (R) File 34 8: EUROPEAN PATENTS 

(c) 2005 European Patent Office. All rts. reserv. 



Sylvia Keys 



22-Jul-05 02:13 PM 



01268075 
MEMORY CARD 
SPEICHERKARTE 
CARTE MEMO IRE 

PATENT ASSIGNEE: 

FUJITSU LIMITED, (211463), 1-1, Kamikodanaka 4-chome, Nakahara-ku, 

Kawasaki-shi, Kanagawa 211-8588, ( JP) , (Applicant designated States: * 
all) 

Nippon Columbia Co., Ltd., (2395621), 14-14 Akasaka 4-chome, Minato-ku, 
Tokyo 107-8011, ( JP) , (Applicant designated States: all) 

Hitachi, Ltd., (204145), 6 Kanda Surugadai 4-chome, Chiyoda-ku, Tokyo 
101-8010, (JP), (Applicant designated States: all) 

Sanyo Electric Co., Ltd., (2206455), 5-5, Keihan-Hondori 2-chome, , 

Moriguchi-shi, Osaka 570-8677, ( JP) , (Applicant designated States: all) 
INVENTOR: 

HATANAKA, Masayuki, Fujitsu Limited, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588, (JP) 
KAMADA, Jun, Fujitsu Limited, 1-1, Kamikodanaka 4-chome, Nakahara-ku, 

Kawasaki-shi, Kanagawa 211-8588, (JP) 
HATAKEYAMA, Takahisa, Fujitsu Limited, 1-1, Kamikodanaka 4-chome, 

Nakahara-ku, Kawasaki-shi, Kanagawa 211-8588, (JP) 
HASEBE, Takayuki, Fujitsu Limited, 1-1, Kamikodanaka 4-chome, Nakahara-ku 

, Kawasaki-shi, Kanagawa 211-8588, (JP) 
KOTANI, Seigou, Fujitsu Limited, 1-1, Kamikodanaka 4-chome, Nakahara-ku, 

Kawasaki-shi, Kanagawa 211-8588, (JP) 
FURUTA, Shigeki, Fujitsu Limited, 1-1, Kamikodanaka 4-chome, Nakahara-ku, 

Kawasaki-shi, Kanagawa 211-8588, (JP) 
AN A Z AW A, Takeaki, Nippon Columbia Co., Ltd., 14-14 , Akasaka 4-chome, 

Minato-ku, Tokyo, (JP) 
TONEGAWA, Tadaaki, Semic . /Integ . C . Hitachi Limited, 20-1, Josuihoncho 

5-chome, Kodaira-shi, Tokyo 187-8588, (JP) 
HIOKI, Toshiaki, Sanyo El. Co., Ltd., 5-5, Keihanhondori 2-chome, 

Moriguchi-shi, Osaka 570-8677, (JP) 
KANAMORI, Miwa, Sanyo El. Co., Ltd., 5-5, Keihanhondori 2-chome, 

Moriguchi-shi, Osaka 570-8677, (JP) 
HORI, Yoshihiro, Sanyo El. Co., Ltd., 5-5, Keihanhondori 2-chome, 

Moriguchi-shi, Osaka 570-8677, (JP) 
LEGAL REPRESENTATIVE: 

Glawe. Delfs. Moll (100699), Patentanwalte Postfach 26 01 62, 80058 

Munchen, (DE) 

PATENT (CC, No, Kind, Date) : EP 1209657 Al 020529 (Basic) 

WO 200113358 010222 • 
APPLICATION (CC, No, Date) : EP 2000950052 000809; WO 2000JP5339 000809 
PRIORITY (CC, No, Date): JP 99226406 990810; JP 99349336 991208 
DESIGNATED STATES: DE; FR; GB 

EXTENDED DESIGNATED STATES: AL; LT; LV; MK; RO; SI 

INTERNATIONAL PATENT CLASS: G10K-015/02; G06F-015/00 ; G06F-017/60 ; 

H04L-009/08; H04L-009/32; G06K-019/00; H04H-001/00; H04M-003/42; 

H04M-003/493; H04M-011/08; G01L-019/00 
ABSTRACT WORD COUNT: 110 
NOTE: 

Figure number on first page: 5 

LANGUAGE ( Publication, Procedural , Application ) : English; English; Japanese 
FULLTEXT AVAILABILITY: 

Available Text Language Update Word Count 

CLAIMS A (English) 200222 2446 

SPEC A (English) 200222 22741 

Total word count - document A 25187 

Total word count - document B 0 

Total word count - documents A + B 25187 



Sylvia Keys 



22-Jul-05 02:13 PM 



...INTERNATIONAL PATENT CLASS: G06F-015/00 ... 
: . . G06F-017/60 

...SPECIFICATION symmetric key encrypted by the first public encryption 
key, and applies a decryption process. The first symmetric key is 
updated and distributed for each communication of encrypted content 
data . 

The second key hold unit stores a second public encryption key 
which is unique to each memory card. . . Kmedia, Kcard(n), and KPcard(n) are 
used, as will be described afterwards. 

Furthermore, the secret key to maintain secrecy in data transfer 
with an external source of the memory card and ... respect to each other as 
to the transfer of a session key and obtaining a secret key used in 
transmitting a session key to the other party. 

The structure of cellular phone... 

. . .CLAIMS encryption key corresponding to said memory card, 

a first decryption processing unit (1404) receiving a first symmetric 
key updated and distributed for each communication of said 
encrypted content data, and encrypted with said first public 
encryption key to apply a decryption process... 

...claim 3, wherein said second decryption processing unit receives license 
information data encrypted with said second public encryption key 
and further encrypted with said first symmetric key , 
distributed together with said content key, and applies decryption 
based on said first symmetric key, 

wherein ... 

...claim 7, wherein said second decryption processing unit receives license 
information data encrypted with said second public encryption key 
and further encrypted with said first symmetric key , 
distributed together with said content key, and applies decryption 
based on said first symmetric key, 

wherein ... 
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...SPECIFICATION is in the possession of a number of plain-text /cypher-text 
pairs for a secret key . The secret key can be obtained by trial 
and error. The most trivial attack is to find out the secret key only 
through t rial and error which is called "Brute force attack" . By using a 
large... the public key prior to transmission of an information and only 
the owner of the secret key is enabled to decrypt again the encrypted 
message. In particular, that principle for the first... 

. ..n = p x q wherein x = plain text, y = cypher text, e = public key, d = 
secret key , n = public modulus and p, q = secret prime numbers. 
For the further details of an. . . 

...has not been altered during transmission. For generating a MAC, a 
cryptographic algorithm with one secret key which is known to both 
communication partners is utilized. For the calculation of a MAC... the 
user. 

In a preferred embodiment of the invention, the encrypted information 
unit and the encrypted first key are downloaded from a central 
server, e.g. a server interconnected with the Internet, particularly from 
a . . . 

...CLAIMS least one key. 

4. Method according to claim 1 or 2, characterized in that the decrypted 
at least first key is transferred to the first information 
processing device (2) and the information unit is decrypted (29) on 
...of claims 13 to 19, characterized in that the first device (2) 
comprises means to download the encrypted information unit, the 
encrypted first key , and/or the generated signature, and/or the 
control command, from a central server (4... 
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... SPECIFICATION • the use request according to a digital signature on an 
edit program by combining a secret - key cryptosystem and a public-key 
cryptosystem. 

Japanese Patent Laid-Open Publication 288940/1996 ( USP5 , 74 0 ... audio 
interface 132 and the printer interface 133 of the copyright management 
apparatus 140. 

A secret - key cryptosystem is often used as a cryptosystem for 
encrypting digital data. The most popular DES ( Data Encryption Standard) 
in the secret - key cryptosystems carries out encryption/decryption per 
64-bit block unit of data. It is a typical block cipher method in the 
secret - key cryptosystem and has been widely adopted. Using this 
encryption/decryption per block processing allows to... 

...CLAIMS data double re-encrypted by third-changeable-second-changeable 
keys to be copied or transferred; 
decrypting said copied or transferred digital data double re- 
encrypted by third-changeable- second -changeable keys by using 
said third changeable key to digital data re-encrypted by the second 
changeable . . . 

...data double re-encrypted by third-changeable-second-changeable keys to 
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be copied or transferred; 
decrypting said copied or transferred digital data double re- 
encrypted by third-changeable- second -changeable keys by using 
said third changeable key to digital data re-encrypted by the second 
changeable ... 

...data double re-encrypted by second-changeable-third-changeable keys to 
be copied or transferred; 
decrypting said copied or transferred digital data double re- 
encrypted by second -changeable-third-changeable keys by using 
said second changeable key to digital data re-encrypted by the 
third changeable key; and 
decrypting said digital data... 
...data double re-encrypted by second-changeable-third-changeable keys to 
be copied or transferred; 
decrypting said copied or transferred digital data double re- 
encrypted by second -changeable-third-changeable keys by using 
said second changeable key -to digital data re-encrypted by the 
third changeable key; and 
decrypting said digital data... by third-changeable-second-changeable 

keys to be copied or transferred; 
a third changeable key decryption unit for decrypting said copied or 
transferred digital data double re- encrypted by third-changeable- 
second -changeable keys by using said third changeable key to 
digital data re-encrypted by the second changeable. . . 

. . .by third-changeable-second-changeable keys to be copied or transferred; 
a third changeable key decryption unit for decrypting said copied or 
transferred digital data double re- encrypted by third-changeable- 
second -changeable keys by using said third changeable key to 
digital data re-encrypted by the second changeable 
changeable-third-changeable keys to be copied or transferred; and 
a second changeable key decryption unit for decrypting said 

copied or transferred digital data double re- encrypted by second 
-changeable-third-changeable keys by using said second changeable 
key to digital data re-encrypted by the third changeable key, and a 
third changeable key. . . 

...re-encrypted by second-changeable-third-changeable keys to be copied or 
transferred; and 

a second changeable key decryption unit for decrypting said 

copied or transferred digital data double re- encrypted by second 
-changeable-third-changeable keys by using said second changeable 
key to digital data re-encrypted by the third changeable key, and a 
third changeable key. . . 
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...SPECIFICATION to the data item. At least one of the transfers of 

permission may include the transfer of a first encryption key , 
and the method may include using a second encryption key to 
encrypt the first encryption key prior to transfer . The first 
encryption key may include a secret key and the second encryption 
key may include one of the keys in a public/private ... each of the sender 
computers and recipient computers may rely on encryption devices known as 

secret keys and public/private key sets, and may include a highly 
secure mechanism, which may handle... 

...more of the keys or key sets, or encrypted or unencrypted data, or both. 
A secret key (also known as a symmetric key) is a string of data 
(e.g. , 40 bits. . . 

...in a way that allows the other data to be de-encrypted using the same 
secret key . A public/private key set includes two strings of data 
(e.g., 1024 bits each... 

...Security Dynamics, Inc., 1982. 

A conventional general-purpose computer can be used to generate the 
secret key and the public/private key set, which can be stored in 
conventional computer files, as ... implement a public/private key 
encryptor 56, a public/private key de-encryptor 58, a secret key 
encryptor 60, and a secret key de-encryptor 62. A permission data 
bank 64, a public key 66, a private key... 

. . . known as Java . 

In a specific embodiment, only the publisher computer is provided with 
a secret key encryptor (e.g., because the other computers are not 
originators of encrypted data items) and only the end-user computer is 
provided with the secret key de-encryptor (e.g., because the other 
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computers do not display or otherwise make significant... 

...Figs. 8-14 illustrate a detailed example 72 of the usage permission 
transfer procedure. A secret key 74 (e.g., a randomly-generated 
40-bit number) is used to encrypt book data 7 6 to produce secret key 
encrypted book data 78 (step 2010), which is stored at a sender computer 
(step 2020) . (In a specific embodiment, the secret key is also 
appended to the secret key encrypted book data.) 

The encrypted digest and the recipient computer's unique public key are 

...response can be matched to the request at the recipient computer.) At 
the sender computer, secret key encrypted book data and a secret 
key and voucher corresponding to the request are selected (step 2130), 
and the recipient's unique public key is used to produce a public key 
encrypted secret key and voucher 94 (step 2140), which is transmitted 
along with the secret key encrypted book data to the recipient 
computer from the sender computer (steps 2150, 2160) . 
At . . . 

...recipient computer (Fig. 11), the recipient's unique private key is used 
to produce a secret key and voucher 98 (step 2180), and the secret 
key is used to produce unencrypted book data 100 from the secret key 
encrypted book data (step 2190) . 

At this point, the unencrypted book data may be displayed. . .book 
retailer) . If the permission is lent or leased, the procedure also 
specifies that the secret key is associated with matching expiration 
times 102S and 102R (e.g., each corresponding to a two-week period) at 
the sender and recipient computers, respectively, so that the secret 
key cannot be used (and therefore the data item cannot be used) at the 
sender computer. . . 

...In a case of giving or selling, the recipient computer is entitled to 
retain the secret key indefinitely, and to serve as a sender computer 
in a subsequent transaction. If at the. . . 

...one end-user computer (e.g., itself) to gain access to the data item, 
the secret key is erased at the sender computer after the recipient 
computer is provided with the secret key . 

In a case of leasing or selling, the permission may be provided in 
exchange for. . . 

...In at least some cases, it is advantageous if" at least the audit file, 
the secret key , the public/private key set, the permission data bank, 
the group private key, and the... 

...the smartcard computer (i.e., are never presented at the connection 
circuitry) , and if the secret keys are never transmitted in 
unencrypted form. The encrypted data item may be stored separately from 
...known as Java. 

In a specific embodiment, only the publisher computer is provided with 
a secret key encrypt or (e.g., because the other computers are not 
originators of encrypted data items) and only the end-user computer is 
provided with the secret key de-encryptor (e.g., because the other 
computers do not display or otherwise make significant... 

...Figs. 8-14 illustrate a detailed example 72 of the usage permission 
transfer procedure. A secret key 74 (e.g., a . randomly-generated 
40-bit number) is used to encrypt book data 76 to produce secret key 
encrypted book data 78 (step 2010), which is stored at a sender computer 
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secret key and the second encryption key includes one of the keys 
in a public/private key. . . 
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.SPECIFICATION and then transmits the ticket transfer offer message, via 
the wireless communication means to the second electronic wallet; the 
second electronic wallet, upon receiving the ticket transfer offer 
message, generates a ticket transfer offer response message indicating 
the contents of the ticket transfer offer message are acceptable, and. . . 
108, and between the service system 110 and the telephone card issuing 
system 109. A secret key and a public key are employed for encrypting 
the information, and the encrypted information is... 1511, the audio codec 
1512 and the channel codec. 

The cryptographic processor 1505 includes a secret key encryption 
and decryption function and a public key encryption and decryption 
function. The cryptographic processor ... data encryption key register 
(CRYPT) 1613 in which is stored an encryption key for the secret key 
cryptography method that is employed for encryption and decryption of 
audio data. When the audio... 
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.SPECIFICATION to the key management center. On receiving the copyright 
management program, the key management center transfers the first 
crypt key corresponding to the specific usage and a second crypt 
key K2 together with the copyright management program to the first 
user via a communication network. On receiving the first crypt ... basic 
encryption-related technique used in the present invention will be 
described below. 



--Crypt key- 
Secret - key system is also called "common key system 11 because the 
same key is used for encryption. . . 

...and because it is necessary to keep the key in secret, it is also called 
" secret - key system". Typical examples of encryption algorithm using 
secret - key are: DES (Data Encryption Standard) ...of NTT, and MISTY 
system of Mitsubishi Electric Corp. In the embodiments described below, 
the secret - key is referred as "Ks". 

In contrast, the public-key system is a cryptosystem using a. . . 

...to encrypt data content, a plain text material M to a cryptogram Cmks 
using a secret - key Ks is expressed as : 
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Cmks = E (M, Ks) . 



The operation to decrypt the cryptogram Cmks... the second public-key Kb2 

that are prepared by a first user, and a first secret - key Ksl and a 

second secret - key Ks2 prepared by the database. The database uses the 
first secret - key Ksl to encrypt data content M: 

Cmksl = E (M, Ksl) 

and further encrypts the first secret - key Ksl by the first 
public-key Kbl: 

Ckslkbl = E (Ksl, Kbl) 

and the second secret - key Ks2 by the second public-key Kb2 : 
Cks2kb2 = E (Ks2, Kb2) . 

The database then transmits these encrypted data content Cmksl and the 
first and the second secret - keys Ckslkbl and Ck2kb2 to the first 
user. 

The first user decrypts the encrypted first secret - key Ckslkbl 
using the first private-key Kvl : 

Ksl - D (Kvl, Ckslkbl) , 

and decrypts the encrypted data content Cmksl by the decrypted first 
secret - key Ksl: 

M = D (Ksl, Cmksl) 

and uses it. The user decrypts encrypted second secret - key Cks2kb2 
by the second private-key Kv2 : 

Ks2 = D <Kv2, Cks2kb2) , 

which is subsequently used... The original data contents Ml, M2 and M3 
are encrypted using each of the second secret - keys Ks21, Ks22, Ks23 
supplied with each of data contents Ml, M2 and M3 when used. . . 

. . .M5 and M6, of original data contents are also encrypted using each of 
the second secret - keys Ks21, Ks22, Ks23 supplied with each of the 
original data contents when used for operations... 

...content parts Cm4ks21, Cm5ks22 and Cm6ks23, and the edit program Pe, 
second user requests second secret - keys Ks21, Ks22, Ks23 for 
decryption of the encrypted original data content parts Cm4ks21, Cm5ks22 
and. . . 

...user is a valid user to use the original data content to which the 

second secret - keys Ks21, Ks22, Ks23 correspond. If the first user is 
the valid user, the center transmits the second secret - keys Ks21, 
Ks22, Ks23 to second user. Otherwise, it does not transmit the second 
secret - keys Ks21, Ks22, Ks23 to the second user. 

The digital signature Spe presented to the copyright... 

. . . content . 

(Embodiment 2) 

Embodiment 2 is described referring to Figure 3. This embodiment uses 
first secret - key Ksl, second secret - key Ks2, third secret - key 
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...scenario market management center to advertise and auction said editing 
scenario and to change the secret - key for said editing scenario 
from the data content editor's secret - key into the scenario 
seller f s secret - key ; and 

- a database comprising 

- the original data content as a data object; and 

- said edited. . . 

...stored in said database, 

- encrypting the editing scenario of said edited data content by his 
secret - key , depositing the encrypted editing scenario in said 

database and depositing said secret - key in said key management 
center by said data content editor 

- auctioning and transferring of his secret - key for said editing 
scenario to said key management center for said editing scenario 
seller wishing. . . 

...scenario by an editing scenario market management center; and. 

- changing the data content editor's secret - key into the editing 
scenario's seller's key by said editing scenario dealing management 
center ... 
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...SPECIFICATION persons other than the participants of the conference are 
protected by the cryptosystem using a secret - key . 

However, since the conference content obtained by the participants 
themselves are decrypted, in the case... 

. . .public. 

The digital cash system which has been proposed so far is based on a 
secret - key cryptosystem. The encrypted digital cash data content is 
transferred from a bank account or a... 
. . .basic encryption-related technique used in the present invention will be 
described below. 

--Crypt key — 

Secret - key system is also called "common key system" because the 
same key is used for encryption... 

...and because it is necessary to keep the key in secret, it is also called 
" secret - key system". Typical examples of encryption algorithm using 
secret - key are: DES (Data Encryption Standard) system of National 
Bureau of Standards, FEAL (Fast Encryption Algorithm... 

...of NTT, and MISTY system of Mitsubishi Electric Corp. In the embodiments 
described below, the secret - key is referred as "Ks". 

In contrast, the public-key system is a cryptosystem using a... 

...to encrypt data content, a plain text material M to a cryptogram Cks 
using a secret - key Ks is expressed as: The operation to decrypt the 
cryptogram Cks to the plain text data content M using a secret - key Ks 
is expressed as: Also, the operation to encrypt the plain text ...key 
escrow system or a key recovery system is used in practical application. 

Further, the secret - key can be used as user data and the secret - 
key is encrypted using the public-key of the data center and this is 
entered as . . . 

...this using the private-key of the data center when necessary and by 
confirming the secret - key , it is possible to achieve a key escrow 
system or a key recovery system in. . . 

...and a public-key Kbl of the first user, and requests the distribution of 
a secret - key Ksl for decryption and a secret - key Ks2 for 
re-encryption. 

As the user data, a user ID, a user E-mail address or a secret - key 
generated at the user's request for secret - key can be used. Further, 
random number ...hash algorithm, can be used as the user data. 

(3) The key center generates the secret - keys Ksl and Ks2 and 
stores them together with the data content name TmO, the first user data 
II and the first user public-key Kbl, and the secret - keys Ksl and Ks2 
are encrypted using the first user public-key KbT: and the encrypted 
secret - keys Ckslkbl and Cks2kbl are distributed to the first user. 

(4) The first user Ul decrypts the distributed encrypted secret - 
keys Ckslkbl and Cks2kbl using the first user private-key Kvl: 

The decrypted * secret - keys Ksl and Ks2 are stored in the device. The 
user is not the owner of the secret - keys Ksl and ks2, but the key 
center or the data center is the owner. Because there may be possibility 
of improper use of the secret - keys if the management of the secret - 
keys is made by the user, the secret - keys Ksl and Ks2 are 
automatically- stored in IC card, PCMCIA card, insert board or software... 

. . . user ' s control . 

Here, the fee to use the data content MO is charged. 
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. . .'SPECIFICATION who use the network. The data management center certifies 
public-key of network users, distributes secret - key for data 
encryption corresponding to presentation of a user label, and identifies 
data utilization status by the request of the secret - key . The data is 
stored and transferred after having been encrypted using the secret - 
key , and the data is to be stored and transferred encrypted using a 
secret - key ' different from the secret - key for the data which has 
been transferred. An original data label is added to an. . . 

...label and the data relating to editing. A user label is used to request 
the secret - key , but electronic fingerprinting of the user label may 
be used instead. 

The second aspect of . . . 
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...network, data which is transferred from a maker to a user is encrypted 
by a secret - key for encryption, and data which is transferred from 
the user to the maker is encrypted by a secret - key for re-encryption. 



BRIEF DESCRIPTION OF THE DRAWINGS 

Fig. 1A to Fig. ID each represents... 

...In this system, a set of public-key & private-key of each user and a 
secret - key different for each step of the use of the copyrighted data 
are used. Among these. . . 

. . .be given on a key system and a digital signature system used in the 
invention. 

Secret - key system is also called "common key system" because the 
same key is used for encryption... 

. . .decryption. Because it is necessary to keep the key in secret, it is 
also called " secret - key system". Typical examples of encryption 
algorithm using secret - key are: DES (Data Encryption Standard) system 
of National Bureau of Standards, FEAL (Fast Encryption Algorithm. . . 

...of NTT, and MISTY system of Mitsubishi Electric Corp. In the embodiments 
described below, the secret - key is referred as "Ks". 

In contrast, the public-key system is a cryptosystem using a... carried 
out as explained in the third embodiment. In the system of the present 
embodiment, secret - key and public-key & private-key are used. 
Therefore, an entity to manage public-key and an entity to generate 
secret - key may be linked to or included in the. data management center. 

(1) An original author... 

...original copyright label LO and requests the data management center Cd 
to distribute an original secret - key KsO. The original author may 
transfer or deposit the original copyrighted data to an information... 

...the original author. It is also possible that the original author A 
stores the origins secret - key KsO and encrypts the original 
copyrighted data MO without depending on the data management center Cd, 
while the original secret - key KsO must be stored at the data 
management center Cd to utilize the original copyrighted data MO by the 
user (data user) . 

(2) When the distribution of the original secret - key KsO is 
requested, the data management center Cd encrypts the original secret - 
key KsO corresponding to the original copyright label LO using a 
public-key Kba of the original author A: and distributes the encrypted 
original secret - key CksOkba together with the original copyright 
label LO to the original author A. 

The secret - key is hereafter, encrypted by a public-key of a 
distributed destination in order to be. . . 

...this electronic fingerprint is transferred together with the copyrighted 
data . 

(3) When the encrypted original secret - key CksOkba is distributed, 
the original author A decrypts the encrypted original secret - key 
CksOkba using the private-key Kva of the original author A: encrypts the 
original copyrighted data MO using the decrypted original secret - key 
KsO: and transfers the encrypted original copyrighted data CmOksO, the 
original copyright label LO and. . . 
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agency; 

Decryption of encrypted secret - key for re-encryption by using 

private-key of said user, decryption of encrypted electronic commerce 
data by using decrypted secret - key for re-encryption, making of 
order sheet by entering order content into decrypted electronic 
commerce data, encrypting said order sheet by using secret - key 
for re-encryption, and transfer of encrypted order sheet to said 
agency by said user; 

Decryption of said encrypted order sheet by using said secret - key 
for re-encryption, encryption of the decrypted order sheet by using 
public-key of said. . . 
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...SPECIFICATION interaction necessary with a registration authority. Since 
each digital asset is encrypted with a special secret key (lambda)T)) 
for that specific asset, and can be played or used only when the... 

...such as, for example, software, music, art, books, videos, etc., is 
encrypted with its own secret key so that the asset is locked. To 
simplify the description of the present invention, the... 
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..of the present invention can be broadcast freely because it cannot be 
played unless the secret key for the piece is known. The music piece 
can be obtained from any medium, such. . . 

..decryption, and stream decryption in a well-known manner. Personality 
module PM also stores a secret key p and a public key PuA from a 
certification authority in a memory or database... 

..a plurality of personality modules. Each personality module owned by a 
user has the same secret key (rho) . Thus, the user can simultaneously 
play a particular piece of music on as many ... common trusted authority. 
After successful authentication, the certification module enables the 
vendor to send the secret key to the buyer's personality module for 
the purchased piece of music so that the music can be played. The 
transmission of the secret key for the purchased music is encrypted 
so there is no need for physical contact between... 

..public key Pu<e>, a private key Pr<e> and a secret key 
<(epsilon)>. Plaintext p encrypted by a key k is denoted as k(p... 

, .a certifying authority A has a public key PuA, a private key PrA and a 
secret key (alpha) . A certifying authority certifies the authenticity 
of keys used by music publishing labels and. . . 

.denoted as entity L, has a public key PuL, a private key PrL and a 
secret key (lambda) . Players, denoted at P, are hardware devices 
(Figure 1) that are manufactured by manufacturer M. Each player plays 
music and contains a personality module PM that has a secret key 
(rho) . Vendors, denoted as V, distribute music, and generally speaking, 
have a certification module CM. . . 

.denoted as T, represents a piece of music being sold. Each title has an 
associated secret key ( lambda) T)) determined by the music publishing 
label L. 

Consider the example of a music... 

.publishing label L. 

At step' 302, the music publishing label L stores the label's secret 
key (lambda), the label's private key PrL, the certification authority's 
public key PuA, a . . . key encryption and decryption. 

Publishing label L encrypts the piece of music T using a secret key 
for that particular piece of music { lambda )T)) to obtain (lambda) T) ) (T) . 
Label L also encrypts the secret key (lambda) T) ) using secret key 
(lambda) to obtain ( lambda) (( lambda) T) )) . At step 303, publishing label L 
sends the encrypted. . . 

.304 by a manufacturer M by encrypting the publicly- known character 
string X using the secret key (rho) for the personality module to 
obtain (rho) (X) . Manufacturer M then provides (rho) (X. . . 

.are provided to manufacturer M. 

At step 305, manufacturer M stores the personality module's secret 
key (rho), the certification PrA((rho)X), the certification authority's 
public key PuA and a... 

.the publishing label's public key PuL. Personality module PM uses PuL to 
encrypt PM secret key (rho) and certificate PrA(pX), which are both 
transferred to certification module CM. 

At step 308, certification module CM uses the publishing label's 
secret key PrL to decrypt the personality module's secret key 
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encrypted using the first secret key (rho) . 

36. The personality module according to claim 35, wherein the transceiver 
receives the encrypted second secret key ( rho) { (lambda ) T) ) ) and 
the selected information, and 

wherein the database decrypts the second secret key (lambda) T) ) 
using the first secret key (rho) stored in the database, and 
decrypts the encrypted selected information using the second secret 
key (lambda)T)) decrypted by the personality module. 

37. The personality module according to claim 36... 

...an encrypted first public key PrA(PuL), a second public key PuA, an 
encrypted first secret key ( lambda) ( (lambda ) T) )) , a second 
secret key (lambda), a first private key PrL and first 
certification information, the first public key PuL being encrypted 
using a second private key PrA, and the first secret key 
(lambda)T)) being encrypted using the second secret key (lambda); 
and 

a transceiver receiving second certification information, 

the certification module verifying the second certification. . . 

...claim 40, wherein the second certification information received by the 

transceiver includes an encrypted third secret key PuL ((rho)) and 
the first ...information encrypted with the first public key, the 
second private key PrA and the third secret key (rho) . 
42. The certification module according to claim 41, wherein the 

certification module decrypts the encrypted third secret key 
PuL ((rho)) using the second private key PrL stored in the database, 
decrypts the encrypted. . . 

...private key PrL stored in the database, the second public key PuA and 

the third secret key (rho) decrypted by the certification module, 
and 

wherein the certification module enables transmission of the. . . 

...certification module according to claim 42, wherein the selected 
information is encrypted with the first secret key 
(lambda) T) ) (T) , and 

wherein, when the second certification information matches the 
first certification information, the certification module encrypts 
the first secret key ( lambda ) T) ) (T) using the third secret key 
(rho) decrypted by the certification module, and the encrypted first 
secret key ( rho) (( lambda) T) ) ) is transmitted by the transceiver. 

44. The certification module according to claim... 

...wherein the second certification information is the first certification 
information X encrypted using the third secret key (rho) , and 
further encrypted by the first private key PrA. 

45. The certification module according... 
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...SPECIFICATION is described below, general description is made for 
cryptography at first. 

The cryptography includes a secret - key cryptosystem and a 
public-key cryptosystem. 

The secret - key cryptosystem is a cryptosystem using the same crypt • 
key for encryption and decryption. While this cryptosystem requires only 
a short time for encryption or decryption, the secret - key is found, 
and thus, the cryption may be cryptanalized. 

The public-key cryptosystem is a... 

. . .M is expressed as (Formula omitted) 

The cryptosystem used for the present invention uses a secret - key 
cryptosystem in which the same secret - key Ks is used for encryption 
and decryption, and a public-key cryptosystem in which a... 

...supplied in accordance with a request from the primary user 4. 

This system rises the secret - key cryptosystem and the public-key 
cryptosystem as a cryptosystem. 
It is matter of course that... 

...copyright management center 3 as the primary user information Iul . 

The database 1 prepares two secret - keys , that is, first secret - 
key Ksl and second secret - key Ks2. 

In the prepared first secret - key Ksl and second secret - key Ks2, 
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the second secret - key Ks2 is also previously transferred to the 
copyright management center 3. 
As the result of. . . 

...to primary utilization, the primary user information Iul, original 
copyright information IcO and the second secret - key Ks2 are stored 
in the copyright management center 3. In this case, the original 
copyright . . . 

...request of the primary user. The read original data MO is encrypted by 
the first secret - key Ksl: (Formula omitted) ^ 

The encrypted data CmOksl is provided with the uncrypted original 
copyright information IcO. 

The first secret - key Ksl is encrypted by the first public-key Kbl 
• and the second secret - key Ks2 is encrypted by the second public-key 
kb2: (Formula omitted) (Formula omitted) 

While the copyright management program P is also encrypted by the 
second secret - key Ks2 (Formula omitted) the copyright management 
program P must not always be encrypted by the second secret - key Ks2 
but it may be encrypted by any other proper crypt key. 

The encrypted original data CmOksl, encrypted copyright management 
program Cpks2, and two encrypted secret - keys Ckslkbl and Cks2kb2 are 
transferred to the primary riser terminal 4 via the communication 
network. . . 

...from the database 1. 

The primary user receiving the encrypted original data CmOksl, two 
encrypted secret - keys Ckslkbl and Cks2kb2, and encrypted copyright 
management program Cpks2 from the database 1 decrypts the encrypted 
first secret - key Ckslkbl by the database utilization software using 
the first private-key Kvl corresponding to the first public-key Kbl: 
(Formula omitted) and decrypts the encrypted second secret - key 
Cks2kb2 using the second private-key Kv2. corresponding to the second 
public-key Kb2 : (Formula omitted) 

And the primary user decrypts the encrypted copyright management 
program Cpks2 using the decrypted second secret - key Ks2: 
(Formula omitted) 

Finally, the primary user decrypts the encrypted data CmOksl by the 
decrypted copyright management program P using the decrypted first 
secret - key Ksl: (Formula omitted) and uses the decrypted original 
data MO directly or data Ml as... 
...data MO or the edited data Ml, it. is encrypted and decrypted by* the 
second secret - key Ks2 : (Formula omitted) (Formula omitted) 

The decrypted second secret - key Ks2 is thereafter used as a crypt 
key for encrypting/decrypting data when storing, copying... 

...transmitting the data. 

The first private-key Kvl and second private-key Kv2, the first secret 
- key Ksl and second secret - key Ks2, the data M, the copyright 
management program P, the original copyright information Ic, and. . . 

...to be distributed. Since the copyright information label provides a 
clue to obtain the second secret - key Ks2 which is the key for 
decryption, the second secret key Ks2 cannot be obtained in the case 
where the copyright information label is removed from. . . 

. . .When the encrypted data Cmks2 is stored in the primary user terminal 4 , 
the second secret - key Ks2 is stored in the terminal 4. However, 
when the encrypted data Cmks2 is not... 
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conference . 

The video conference participant 122 receiving the first secret - key 
Ksl generates the second secret - key Ks2 by the first secret - key 
Ksl using the video conference data management program P: 

The generated second secret - key Ks2 is stored in the terminal. 

The video conference participant 121 encrypts the video conference data 
MO with the first secret - key Ksl, in the video conference through the 
communication network 2: and transfers the encrypted video... 

...video conference participant 122 who receives the video conference data 

CmOksl encrypted by the first secret - key Ksl decrypts the video 

conference data CmOksl by the first secret - lkey Ksl: and uses 
decrypted video conference data MO. 

Further, the second secret - key Ks2 is generated based on the first 

secret - key Ksl with the video conference data management program P: 

In the case where the decrypted.... 

...video conference via the communication network 2, the data M is 

encrypted by the second secret - key Ks2 using the video conference 
data management program P: 

The encrypted data Cmks2 is copied. .. receives the request for the 
second use of the data M finds out the first secret - key Ksl according 
to the name or the number of the video conference data name or number to 
generate the second secret - key Ks2 based on the first secret - key 
Ksl: and supplies the generated second secret - key Ks2 to the 
non-participant of the video conference 123. 

The non-participant of video conference 123 who receives the second 
secret - key Ks2 decrypts the encrypted data Cmks2 by the second secret 
- key Ks2 by using the television conference data management program P: 
and then, uses decrypted video... 

...of the video conference 124, the video conference data M is encrypted by 
the second secret - key Ks2 using the video conference data management 
program P: 

Incidentally, the third secret - key Ks3 may be generated on the 
basis of the second secret - key Ks2 with the video conference data 
management program P: and the data M can be encrypted with the video 
conference data management program P by this generated third secret - 
key Ks3: 

...CLAIMS in said read-only semiconductor memory; 

a second private-key, a permit key, a second secret - key , a 
copyright management program, and copyright information are stored 
in said electrically erasable programmable memory... 

...in said read-only semiconductor memory; 

a second private-key, a permit key, a second secret - key , 
and copyright information are stored in said electrically erasable 
programmable memory; and 

a first public... 
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. . .ABSTRACT is produced by editing a plurality of encrypted data obtained 
from the database, and is encrypted for distribution to another 
person, crypt keys for a plurality of data as raw material and an 
edition program which is an editing process with. . . 

...comprises a database and a key control center, and uses a primary 
copyright label, a first use permit key including a first crypt 
key , a second use permit key , a third crypt key, and a copyright 

management program. The primary user uses primary copyrighted data 
encrypted by using the first crypt key and supplied, by decrypting 
it with the first use permit key obtained from the key... 

. . .use permit key. At the completion of the editing, the primary user 
receives the third crypt key for secondary copyright as 
secondary exploitation right, encrypts the edited data with the third 
crypt key, and distributes it to a secondary user... 

...new data is produced by editing a plurality of data obtained from the 
database, and encrypted for distribution . to another person, crypt 
keys for a plurality of data as raw material and an edition program 
which is as an editing process... 

...SPECIFICATION the key control center. On receiving the copyright 
management program Pc, the key control center transfers the first 
crypt key Kl and a second crypt key K2 corresponding to the 
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specific usage together with the copyright management program Pc to the 
...copyright management program Pc which have been encrypted. 

Typical means used for encrypting data include secret - key 
cryptosystem and public-key cryptosystem. 

The secret - key cryptosystem uses the same secret crypt key Ks 
for both encryption and decryption: 

CmKs = E. . . 

...to the second public-key Kb2 which are prepared by the user, and a 

first secret - key Ksl and a second secret - key Ks2 prepared by the 
database. The database uses the first secret - key Ksl to encrypt data 
M 

Cmksl = E (Ksl, M) 

and further encrypts the f irstsecret-keys Ksl by the first public-key 
Kbl 

Ckslkbl = E (Kbl, Ksl) 

and encrypts the second secret - key Ks2 by the second public-key Kb2 

Cks2kb2 = E (Kb2, Ks2); 

the database then transmits these encrypted data Cmksl and the first 
and the second secret - keys CKsl and Cks2kb2 to the user; 

the user decrypts the first secret - key Ckslkbl using the first 
private-key 

Kvl 

Ksl = D (Kvl, Ckslkbl) , 

and decrypts the encrypted data Cmksl to use by decrypted first secret 

- key Ksl 

M = D (Ksl, Cmksl) , 

and the encrypted second secret - key Cks2kb2 by the second 
private-key Kv2 

Ks2 = D (Kv2, Cks2kb2) ; 

and decrypted second secret - key Ks2 is used for data 
storage/copy/transf aer after data decryption. 

SUMMARY OF THE INVENTION ... user who requires encrypted secondary data 
requests the key control center for distributing the third crypt key. 
The key control center distributes the third crypt key to the 
secondary user. 

The secondary user who receives the second crypt key decrypts 
encrypted secondary data using. . . 

...to the second public-key Kb2 which are prepared by the user, and a 

first secret - key Ksl and a second secret - key Ks2 prepared by the 
database. The database uses the first secret - key Ksl to encrypt data 
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...use said primary copyrighted data requests distribution of said first 
use permit key to said key control center; 

said primary user decrypts said primary copyrighted data 
for primary use by using said distributed first use permit key; 

said primary user. . . 

...from said key control center, and edits said primary copyrighted data by 
using said distributed second use permit key , said copyrighted 
data during editing being encrypted and stored by using said 
second use permit key; 

said primary user who completes editing. . . 
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. . . SPECIFICATION transfers the third secret— key Ks3 serving as a decryption 
key and the fourth secret- key Ks4 serving as an encryption/decryption 
key to the tertiary user terminal 6 via the communication network 8. 

In the tertiary user terminal 6 receiving the third secret - key Ks3 
and the fourth secret - key Ks4, the encrypted data Cmks3 is decrypted 
using the third secret - key Ks3 by the copyright management program P 
(Formula omitted) and is tertiarily utilized such as... 

...this embodiment, the data M supplied to a primary user is encrypted by 
the first secret - key Ksl and the data M supplied to a secondary user 
is encrypted by the second secret - key Ks2, and the data M supplied 
to a tertiary user is encrypted by the third secret - key Ks3. 

Therefore, if the tertiary user, instead of the primary user, falsely 
requests for primary utilization to the key control center 9, the first 
secret - key Ksl for decryption and the second secret - key Ks2 for 

encryption / decryption are transferred to the tertiary user. 
However, it is impossible to decrypt the encrypted data Cmks3 by the 
first secret - key Ksl transferred as a decryption key. 

Moreover, if the tertiary user, instead of the secondary user, falsely 
requests for secondary utilization to the key control center 9, the 
second secret - key Ks2 and the third secret - key Ks3 are 
transferred to the tertiary user as a decryption key and an 
encryption/decryption key respectively. However, it is impossible to 
decrypt the encrypted data CmKs3 by the second secret - key Ks2 
transferred as a decryption key. 

Therefore, it is impossible to falsely request for data utilization. As 
a result, not . . . 

...of the first embodiment, a copyright management program and, if 

circumstances require, first and second secret - keys are encrypted 
and supplied. 

Also in the case of this embodiment, similarly to the case... 

...recording medium 3, or communication network 8. The data MO is 
encrypted by the first secret - key Ksl: (Formula omitted) 

A primary user who desires primary utilization of the supplied 
encrypted data... 

...receiving the request of the primary utilization of the encrypted 
original data CmOksl generates a secret - key Ksul unique to the 
primary user using the primary user information Iul and transfers it to 
the copyright management center 10. 

The copyright management center 10 receiving the primary user unique 
secret - key Ksul encrypts the copyright management program P by 
using the primary user unique secret - key Ksul (Formula omitted) 
and transfers an encrypted copyright management program Cpksul to the key 
control . . . 

...generated is inherent in the primary user. 

The key control center 9 transfers the first secret - key Ksl for 
decryption and the second secret - key Ks2 for decryption/encryption 
to the primary user terminal 4 via the communication network 8... 

...received from the copyright management center 10. 

In the primary user terminal 4 receiving the encrypted copyright 
management program Cpksul, first secret - key Ksl, and second 
secret - key Ks2, database system software S previously distributed 
generates a primary user unique secret - key Ksul in accordance with 
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In the case where. 



...video conference via the communication network 8, the data M is 

encrypted by the second secret - key Ks2 using the video conference 
data management program P: (Formula omitted) 
The encrypted data Cmks2 . . . 

...receives the request for the second use of the data M finds out the 
first secret - key Ksl according to the name or the number of the 
video conference data name or number to generate the second secret - 
key Ks2 based on the first secret - key Ksl: (Formula omitted) and 
supplies the generated second secret - key Ks2 to the non-participant 
4 6 of the video conference. 

The non-participant 4 6 of video conference who receives the second 
secret - key Ks2 decrypts the encrypted data Cmks2 by the second 

secret - key Ks2 by using the television conference data management 
program P: (Formula omitted) and then, uses... 

...47 of the video conference, the video conference data M is encrypted by 
the second secret - key Ks2 using the video conference data management 
program P: (Formula omitted) 

Incidentally, the third secret - key Ks3 may be generated on the 
basis of the second secret - key Ks2 with .the television conference 
data management program P: (Formula omitted) and the data M can be 
encrypted with the video conference data management program P by this 
generated third secret - key Ks3: (Formula omitted) 

In embodiment 19 described above, the constitution of the data 
copyright management. . . 

...Figure 4 for realizing the video conference data management system is 
applied and alter the secret - key which has been used. 

However, as a constitution of a system for realizing the video... 

...5 can be applied. Further, as cryptosystem used in such a case, the ■ 
non-altered secret - key , the public-key and the private-key, a 
combination of the secret - key , the public-key and the private-key, 
and the complex keying which is explained from. . . 

...only normal communication software such as a data communication 

protocol but also a program for decrypting a copyright management 
program by a first crypt key , it is necessary to be protected. 

In case of the present invention, a first crypt key Kl, a second 
crypt key K2, and a copyright management program P are transferred 
to each user in order to use data M. Therefore... 

...private-key in the public-key cryptosystem and the program containing 
algorithm for generating the secret - key are kept when needed. 
For keeping them, it is the simplest means to use a. . . 

...software and user data as a database. 

The read-only memory 55 also stores a first crypt key , a second 
crypt key , and a copyright management program supplied from a key 
control center 9 or a copyright management center. Because. . . 
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.SPECIFICATION this sensitive information from unauthorized persons. The 
same data is encrypted under a hardware manufacturer secret key 
called a Common Supervisor Key (CSK) to generate E( sub (CSK) ) (token 
data). It is...B. As Fig. 1 shows the application file B is encrypted 
under the software decryption key AK. A second file on the 
distribution disk 16 is the software decryption key, encrypted under 
the key CSK. Finally, the last file on the distribution disk is... 
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INTERNATIONAL PATENT CLASS: G06F-012/14 ... 

...SPECIFICATION and a secret computer key. However, the public computer 
key is first decrypted under the secret key of the computer 
manufacturer and stored in the computer in that form. When the program... 

...pair; i.e, a secret computer key and a public computer key decrypted 
under the secret key of the designated public registry. The advantage 
to this approach is that the file key. . .press-on label visible to the 
user. This identification or number is associated with the secret key 
of the crypto facility of the computer. The program number and the 
diskette serial number ... simply encrypts the provided program number and 
diskette serial number, concatenated together, with a special secret 
key , SK, used only to generate multi-digit authorisation numbers. The 
n-bit portion of the ... encryption key, KP, from table 27. Alternatively, 
the key KP can be generated from a secret key belonging to the key 
distribution centre in a similar manner as the eKT(TR) keys are 
generated using secret key KT as shown in Figure 3. This encryption 
key is then used to encrypt the ... implementation containing the Data 
Encryption Standard (DES) algorithm and storage for a small number of 
secret keys . It can be accessed logically only through inviolate 
interfaces secure against intrusion, circumvention and deception... 

...personal computer and smart card with no loss of security to protected 
software or the secret keys or parameters that support the system. To 
interface to the system, it is only necessary. . . 

...this embodiment, the main advantage of the PK algorithm is achieved, 
namely that a universal secret key need not be stored on the smart 
card. The card manufacturer personalises the card with... the computer 
with a unique key pair, the computer public key, PKt, and the computer 
secret key , SKt . The computer manufacturer has the public key of the 
computer recorded in a public... 

...this means that PKt is stored in the form dSu(PKt), where'SKu is the 
secret key of the registry and PKt is the public key of the computer. 
This value dSu. 



.several redundancy bits (0 bits in this case) concatenated with it is 
decrypted under the secret key SKu . SKu is the secret key 

belonging to the computer manufacturer. The redundancy bits are added to 
the message so that ... 
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...101 of the computer 10 where it is decrypted in decryption block .105 
using the secret key , SKt, of the computer and then exclusive ORed 
with the random number T. The file... 

...properly recorded in the registry, i.e. for which PKt has been 
deciphered under the secret key of the registry. 

The advantages of the mixed public key and DES embodiment are several 

...with no loss in security to the protected software of a given vendor or 
the secret keys or parameters that support the system. To interface 
to the system, it is only necessary. . .constant of sufficient bits which 
may have a value of zero all decrypted under the secret key , SKu, of 
the distribution centre. 

Also with the smart card, a third operation shown in ... constant of 
sufficient bits which may have a value of zero all decrypted under the 
secret key , SKu, of the distribution centre. Used in conjunction with 
the second operation, the seventh operation... 

...CLAIMS identifier and then encrypting the program number and storage 
medium number concatenated together with said first key to 
produce a second key at the key distribution centre, and 
encrypting the secret file key of the program with said second key 
to produce said password. .. further comprising the steps providing the 
computer with a public key, PKt, decrypted under the secret key 
of a public registry, and also providing said cryptographic facility 
with a corresponding secret key , SKt, providing said smart card 
with a public key, PKu, encrypting in the smart card the computer 
public key decrypted under the secret key of the public registry 
with the card f s public key PKu to produce said key... 
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Detailed Description 

. . . individual key given to each of the content 

output apparatuses so as to generate a plurality of encrypted 
intermediate key groups; and distributing to the content output 
-13 

apparatuses, an encrypted intermediate key group set that is made ... when 

it receives the encrypted intermediate key group set 

ENCMKGS from the intermediate key group encryption unit 115, 

distributes the received encrypted intermediate key group set 
ENCMKGS to the plurality of output apparatuses 13a to 13n via the 
communication path 10, 
(7) Input Unit 117 . 

...group encryption * unit 115 outputs the 

generated encrypted intermediate key group set ENCMKGS to the 
encrypted intermediate key group set distribution unit 116 (S1112) . 

The encrypted intermediate key group set distribution unit 
116 receives the encrypted intermediate key group set ENCMKGS, 

distributes the received encrypted intermediate key group set 
ENCMKGS to the plurality of output apparatuses 13a to 13n, and 
terminates the operation (S1113) . 

<<Operation at Revoking Output ... Group Storage Unit 127 
The system secret parameter group storage unit 127 holds 
the system secret key group SPG as shown in FIG. 12. The system 
secret parameter group receiving unit 126...nent has an effect that 
the key issuing center 21 can reduce the frequency of distributing 
the encrypted intermediate key group set EMCMKGS to the plurality 
of output apparatuses 22a to 22n by embedding sets of intermediate 
key groups in the... unit 616 (S6112) . 
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The encrypted intermediate key group set d . istribution unit 

616 receives the encrypted intermediate key group set ENCMKGS, 

distributes the received encrypted intermediate key group set 
ENCMKGS to the plurality of output apparatuses 63 a to 63n and 
terminates the process (S6113) . 

They are the...CK2 based on the content key CK, further encrypts the 
content 

CNT based on the second content key CK2 and distributes the 

encrypted content ENCCNT and the encrypted second content key 
CK2 to the output apparatuses 63a to. . . 

. . . content key 

CK3. encrypt the content CNT based on the third content key CK3, 

and distribute the encrypted content ENCCNT, second content key 

CK2 and third content key CK3 to the output apparatuses 63a to 63n. 

It may. . . 

Claim 

individual key given to each of the content output 
apparatuses so as to generate a plurality of encrypted intermediate 
key groups; and 

distributing , to the content output apparatuses, an encrypted 
intermediate key group set that is made up. . . 

...individual key given to each of the content output 

apparatuses so as to generate a plurality of encrypted intermediate 
key groups; and 

distributing , to the content output apparatuses, , an encrypted 
intermediate key group set that is made up. . . 
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content item or a part of the content item. A digital right may 

comprise a plurality of content decryption keys . Alternatively, a 

digital right may comprise a small software application which is able- 

to generate content decryption keys. Advantageously... 
...integrated circuit of the method as well as re-encrypt the digital right 

using a secret key that is only known to authorized integrated 

circuits. This provides a high level of security... 
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Detailed Description 

... process creates the encrypted content C'i by using the encryption 
algorithm Ei and the secret key Ki to process the plaintext content 
Ci in a well known manner. There is associated... 

...algorithm a decryption algorithm, Di, such that when the encrypted 

content C f i and the secret key Ki are processed using the decryption 
algorithm, the plain text content Ci is returned, i... 

Claim 

remote server said information provided to the user using a first 
encrypting process and a first encryption key ; and downloading * to 
a browser at the user a page containing said encrypted information. 

5 The method. . 
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Detailed Description 

... key server delivers the message key to the recipient, which uses the 
message key to decrypt the email. 

Distributing symmetric keys via a key server has many positive 
attributes. For example, a sender (or any authorized party) can determine 
when a recipient... 

...key that encrypts the message key and an envelop decryption key is the 
private or secret key that decrypts the message key. 

Key exchange algorithm means the algorithm a sender and the... 
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Detailed Description 

. . . of processes such as data encryption and authentication. In a typical 
symmetric cryptographic process, a secret key is known ...In systems 
using asymmetric or public-key cryptography, one party typically performs 
operations using a secret key , e.g., the so-called private key, while 
the other performs complementary operations using only... as described for 
example by E. Biham and A. Shamir in "Differential Fault Analysis of 
Secret Key Cryptosystems, " Advances in Cryptology — CRYPTO '97, ...uses 
the same key to transform ciphertext blocks into their corresponding 
plaintexts . 

To obtain a secret key from . . .maintain and manipulate secret 
parameters in open environments without revealing their values. 
Compromise of a secret key used to compute a digital signature could, 
for example, allow an attacker to forge the... being manipulated within 
it. Such signals can be measured and analyzed by attackers to recover 
secret keys . State transitions are also a major ...amount of power 
consumed when the system is in transition. Attackers can non-invasively 
extract secret keys using external measurement and analysis of a 
device's power consumption, electromagnetic radiation, or processor... 
fluctuations, DPA attacks use statistical analysis and error correction 
techniques to extract information correlated to secret keys . Hence, 
DPA is a much more powerful attack than SPA, and ...lookup at a time, it 
is only necessary to guess the six bits of the secret key that are 
relevant to the S-box being observed and corresponding to the power 
consumption possible sequences of values for a given 6-bit portion of the 
56-bit secret key . For each guess of the values of these six bits, 
one divides the samples into... the six key bits was incorrect. This 
process of guessing at the value of the secret key , dividing the 
power signature samples into those which will yield a 1-output and those 
...remaining key space of 21 = 256 possible keys to find the- balance of 
the correct secret key . It becomes apparent how little information 
the attacker needs to employ such an attack. The ... indexed key update 
technique are disclosed. In one embodiment, a cryptographic client device 
maintains a secret key value as part of its state. The client can 
update its secret value at any. . .power consumption, and the actual " EEPROM 
contents are derived. If such EEPROM content is a secret key guarding 
an electronic transaction for example, the security of the whole 
electronic transaction system is... 20 and that suffers from the 
information - 19 leakage of the EEPROM 20, namely the second 
cryptographic key 21, is transferred in encrypted form. Since the 
leakage of the ROM 40 and the RAM 30 is lower than. . .prone to the attack 
stated above. The encryption step is performed under use of another 
secret key , the cryptographic master key 45, that may either be unique 
to the chip, or unique... 
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symmetric key cryptography, the two parties who want to 
communicate in private share a common secret key , say K. the sender 
encrypts messages with K, to generate a cipher, i.e. C...for any 
message M of his choice since the computation is based on a shared 
secret key . With digital signatures this is not possible since 
only the sender has knowledge of the... The network station receiving the • 
first 

authentication request is the network station which generates and 
distributes the shared symmetric crypto - key . Thus, both the second 

D and third network stations can perform identical operations. 

In one beneficial aspect of the ... preferably are associated with a 

sponsor. A sponsor 

is an entity controlling generation, assignment, and distribution 

of the asymmetric crypto - keys . Furthermore, either the first or the 

second network station can be the network station having generated 

t-he asymmetric. . .user 1 s portion of the private key. CI can 

than be used as a shared secret key between the user and the 

sponsor stations. Thus, by demonstrating knowledge of CI, the user... 
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... data in the distributor database. A preferred distributor database 
encryptor includes an on the fly encryptor . The 
8 

distributor database encryptor preferably uses public keys 
generated by a plurality of facilities of the election system to 
encrypt the distributor database. 

Decryption of data within. . .the only way to completely decode a piece of 
data would be to acquire the secret keys of all severs, which, by our 
assumption, is impossible. Because the database is encrypted piece... 

...a randomly selected third facility C. Facility C then decrypts the data 
with its own secret key , verifies that the size and the structure of 
the data it received have not been... We first prove the following lemma. 

Lemma 1. If no facility knows all other- facilities 1 secret keys , then 
any collaboration among facilities can be detected by a non-collaborating 
facility. 

Proof. We. . . 

Claim 

the only way to completely decode a piece of data would be to acquire 
the secret keys of all severs, which, by our assumption, is 
impossible. Because the database is encrypted piece... 

...a randomly selected third facility C. Facility C then decrypts the data 
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with its own secret key , verifies that the size and 5- the structure 
of the data it received have not... on the fly encryptor. 
5 1 

. The election system according to Claim 39 wherein said distributor 
database encryptor uses public keys generated by a plurality of 
facilities of said election system to 
encrypt said matcher database. 

42 The election system... the fly encryptor. 1 5 146. The election system 
according to Claim 14 4 wherein said distributor database encryptor 
uses public keys generated by a plurality of facilities of said 
election system to encrypt said matcher database. 147. The election 
system. . . 
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Detailed Description 

for sending in an email message. 

This algorithm performs three block encryption algorithms using a secret 
key , called Kmt, chosen by the server during installation. If this key 
is compromised, then the. . . 

. . . XTEA, which has a 128-bit key. 

If the server needs to change the Kmt secret key , it will not be able 
to recognize MTs created by the old key. However, if... can be expressed 
as a function as show immediately below. In one embodiment, the Data- 
Encryption - Key is the first 128-bits of the 160-bit OAEP-Seed. 
SealSignedlnsideEnveloped (Recipient-Public-Key, Sender-Private-Key. . . 
address match using an algorithm described in [Mtag] that is based on a 
server specific secret key . This means that the attackers cannot 
forge new download URLs, they can only replay ones... email address of the 
client. The first part of the response will be the private keys . The 
second part of the response will be a certificate chain that starts with 
the user 1 . . . 

...Public-Key-Length - n bytes, MSB first = length of following field in 
bytes . 

* Enveloping-Public- Key - n bytes, MSB first = Modulus. 

The format of the Certificate Response is shown below. In another 
preferred embodiment, the ... transformation of the fields of a Resource 
Tag can be based on one or more secret keys known to the Resource 
Owner using series of block encryption steps on portions of the... 

...allows the transformation to be reverse by an entity that knows the one 
or more secret . keys . 

For a 9 to 16 byte Resource Tag, the cryptographic transformation can be 
performed by. . . 

...that the User (client) communicating with the Resource Owner (server) 
has current access to a secret key (e.g., triple-DES or XTEA or RC5 
or AES key) associated with a key... the User Credential Information where 
the key identifier allows the server to lookup the same secret key 
known to the client, and other fields in the User Credential Information 
are verified© using a cryptographic checksum based on that same secret 
key . 

The Resource Owner determines whether to grant access to the Resource 
(e.g. , e-mail. . . 

...embodiment (16), wherein the fields of a Resource Tag are based on one 
or more secret keys known to the Resource Owner. (19) The method in 
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4 6 The method in claim 6, wherein the first information comprises the 
Resource Tag, and. wherein the cryptographic primitives for 
Encrypted-Data providing privacy and data integrity based on a secret 
key and a cipher algorithm. 

91 The method in claim 90, wherein the cipher algorithm being... 

...claim 89, wherein the cryptographic primitives for 

Signed-inside-Enveloped-Data providing transport of a secret key from 
Sender to Recipient using a public key of the recipient. 

93 The method in claim 92, wherein the secret key being selected from 
the set comprising a message key and a session key. . The method. . . 
...wherein the cryptographic primitives for Encrypted-Data providing 
privacy and data integrity based on a secret key and a cipher 
algorithm; and the cryptographic primitives for 

Signed-Inside-Enveloped-Data providing transport of a secret key from 
Sender to Recipient using a public key of the recipient. 

96 The method in. . . 

...wherein the cryptographic primitives for Encrypted-Data providing 
privacy and data integrity based on a secret key and a cipher 
algorithm. 

99 The method in claim 90, wherein the cipher comprise a... the next block 
of Encrypted Data. 1 00. The method in claim 99, wherein the secret 
key to the cipher is one input to this primitive. 101. The method in 
claim 99. . . 

...cipher without an Initialization Vector, the bytes of the key are not 
reused, and the secret key to the cipher is one input to this 
primitive. 103. The method in claim 102... 

...tamper detection, is provided by a cryptographic message authentication 
code that is based on a secret key . . The method in claim 104, 
wherein the secret is equal to or derived from the... 

...122. The method in claim 89, wherein new secret session keys are derived 
from old secret keys that where previously agreed to by the Sender 
and Recipient thereby avoiding all or a... wherein the Secure Response 
message protocol is implemented using the Encrypted-Data primitive with a 

secret key know to the Recipient that is included inside the message 
that was received securely. 138... 

...wherein the Secure Response message protocol is implemented using the 
Encrypted-Data primitive with a secret key know to the Recipient that 
is included inside the message that was received securely and... claim 
156, wherein the cryptographic primitives for 

Signed-Inside-Enveloped-Data provide transport of a secret key from 
Sender to Recipient using a public key of the recipient. 158. The method 
in. . . 
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code or key to access multiple media, and presents a potential for 
interception of enabling keys or codes . 

Many previous distribution systems, especially those relating to 
electronically or optically stored information, have been designed to 
prevent ... the storage medium by the data storage engine. The keys may be 
encrypted using a secret key stored within the data storage engine 
prior to writing them to the media. In stage... 

14/3, K/52 (Item 10 from file: 349) 

DIALOG (R) File 34 9:PCT FULLTEXT 

(c) 2005 WIPO/Univentio. All rts. reserv. 

00757055 **Image available** 

PUBLIC CRYPTOGRAPHIC CONTROL UNIT AND SYSTEM THEREFOR 

UNITE DE CONTROLE CRYPTOGRAPHIQUE PUBLIQUE ET SYSTEME DE MISE EN OEUVRE 

Patent Applicant /Assignee : 

WAVE SYSTEMS CORP, Suite B200, 480 Pleasant Street, Lee, MA 01238, US, US 
(Residence) , US (Nationality) 
Inventor ( s) : 

SPRAGUE Steven K, 147 Reservoir Road, Lenox, MA 12040, US 
KAZMEIRCZAK Gregory J, 36 Labaw Way, Belle Mead, NJ 08502, US 

Legal Representative: 

JACOBSON Allan J, Intellectual Property Law, 13310 Summit Square Center, 
Route 413 & Doublewoods Road, Langhorne, PA 19047, US 

Patent and Priority Information (Country, Number, Date) : 



Sylvia Keys 



22-Jul-05 02:14 PM 



Patent: WO 200070429 Al 20001123 (WO 0070429) 

Application: WO 2000US13239 20000515 (PCT/WO US0013239) 

Priority Application: US 99313295 19990517 
Designated States: 

(Protection type is "patent" unless otherwise stated - for applications 
prior to 2004) 

AU CA CN JP KR NO 

(EP) AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE 
Publication Language: English 
Filing Language: English 
Fulltext Word Count: 12612 

Main International Patent Class: G06F-001/00 
Fulltext Availability: 

Detailed Description 

Claims 
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... 8 parity 
bits. 

As used herein, performing a cryptographic operation on a variable under 
a secret key means to encrypt (or decrypt) that variable (usually a 
key) using the secret key to generate another key. Encryption may be 
performed under a 

single key, or under multiple ... on a first fixed string A 940, a second 
fixed 

string B 956 and a secret key , called the client key 942. The client 
key 94 2 is stored in a programmable memory. . . 

Claim 

generating a first security applet and encrypting said first security 
applet in process using a first cryptographic key to form a first 
encrypted security applet and distributing said first encrypted 
security applet to said user computer, 

a cryptographic key distribution method at said cryptographic operations 
process using a first cryptographic key to form a first encrypted 
security applet and distributing said first encrypted security applet 
to said user computer, a cryptographic key distribution apparatus at said 
cryptographic operations... 
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... to the data item. At least one of the transfers of permission may 
include the transfer of a first encryption key , and the method 
may include using a second encryption key to encrypt the first 
encryption key prior to transfer . The first encryption key may 
include a secret 
key and the second encryption key may include one of the keys in a 
. public/private ... each of the sender computers and recipient 
computers may rely on encryption devices known as secret keys and 
public/private key sets, and may include a highly secure mechanism, which 
may handle ... 

...more of the keys or key sets, or encrypted or unencrypted data, or both. 
A secret key (also known as a symmetric key) is a s tri ng of data 
(e.g. . . 

...in a way that allows the other data to be de-encrypted using the same 
secret key . A public/private key set includes two strings of data 
(e.g., 1024 bits each... 

...Security Dynamics, Inc., 1982. 

A conventional general-purpose computer can be used to generate the 

secret key and the public/private" key set, which can be stored in 
conventional computer files, as... 

...implement a public/private key encryptor 56, a 

public/private key cle-encryptor 58, a secret key encryptor 60, and a 

secret key de-encryptor 62. A permission data bank 64, a public key 
66, a private key. . . 



. . . known as Java. 



In a specific embodiment, only the publisher computer is provided with 
a secret key encryptor (e.g., because the other computers are not 
originators of encrypted data items) and only the end-user computer is 
provided with the secret key de-encryptor (e.g., because the other 
computers do not display or otherwise make significant... 

.Figs. 8-14 illustrate a detailed example 72 of the usage permission 
transfer procedure. A secret key 74 (e.g., a randomly-generated 
40-bit number) is used to encrypt book data 76 to produce secret key 
encrypted book data 78 (step 2010), which is stored at a sender computer 
(step 2020) . (In a specific embodiment, the secret key is also 
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Detailed Description 

card, for example, which may be denoted a master key, or be encrypted 
using the secret key , such as with symmetric cryptographic systems, 
e.g. DES. Only when the parameters are decrypted. admitted to more than 
one "information 1 5 layer" in the database (by authorization at 
multiple levels) the keys are transferred in encrypted form to the 
tamperproof unit which then decrypts the key data by means of the... 
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